Skip to main content

Ssri

2 CVEs product

Monthly

CVE-2021-27290 npm HIGH POC PATCH This Week

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Ssri Graalvm Sinec Infrastructure Network Services
NVD GitHub
CVSS 3.1
7.5
EPSS
4.7%
CVE-2018-7651 npm MEDIUM PATCH This Month

index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Node.js Ssri
NVD GitHub
CVSS 3.0
5.9
EPSS
1.8%
EPSS 5% CVSS 7.5
HIGH POC PATCH This Week

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Ssri Graalvm +1
NVD GitHub
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Node.js Ssri
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy