Skip to content

Regular Expression Denial of Service

Moderate severity GitHub Reviewed Published Jun 7, 2019 to the GitHub Advisory Database • Updated Jan 9, 2023

Package

npm nwmatcher (npm)

Affected versions

< 1.4.4

Patched versions

1.4.4

Description

A Regular Expression vulnerability was found in nwmatcher before 1.4.4. The fix replacing multiple repeated instances of the "\s*" pattern.

References

Reviewed Jun 7, 2019
Published to the GitHub Advisory Database Jun 7, 2019
Last updated Jan 9, 2023

Severity

Moderate

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-6394-6h9h-cfjg

Source code

No known source code
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.