CVE-2021-23343

Description

All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.

POC

Reference

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028
https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067

Github

https://github.com/broxus/ever-wallet-browser-extension
https://github.com/engn33r/awesome-redos-security
https://github.com/marcosrg9/YouTubeTV

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2021-23343.md

CVE-2021-23343.md

CVE-2021-23343

Description

POC

Reference

Github

Files

CVE-2021-23343.md

Latest commit

History

CVE-2021-23343.md

File metadata and controls

CVE-2021-23343

Description

POC

Reference

Github