How severe is CVE-2022-1929?

CVE-2022-1929 has a CVSS v3 score of 5.9 (MEDIUM).

CVE-2022-1929

Name: devcert
Author: devcert_project

5.9MEDIUM

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method

Опубликовано: 6/2/2022Обновлено: 11/21/2024

Описание

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method

ИИ-АнализНа базе ИИ

Затронутые продукты

devcert_projectdevcert

Ссылки

https://research.jfrog.com/vulnerabilities/devcert-redos-xray-211352/
ExploitThird Party Advisory
https://research.jfrog.com/vulnerabilities/devcert-redos-xray-211352/
ExploitThird Party Advisory