GHSA-38fc-wpqx-33j7

Suggest an improvement
Source
https://github.com/advisories/GHSA-38fc-wpqx-33j7
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-38fc-wpqx-33j7/GHSA-38fc-wpqx-33j7.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-38fc-wpqx-33j7
Aliases
  • CVE-2021-23425
  • SNYK-JAVA-ORGWEBJARSNPM-1567197
  • SNYK-JS-TRIMOFFNEWLINES-1296850
Published
2021-09-02T17:15:42Z
Modified
2024-09-03T06:56:56.866865Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
Uncontrolled Resource Consumption in trim-off-newlines
Details

All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.

References

Affected packages

npm / trim-off-newlines

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.3