CVE-2022-21222 in css-what정보

요약

\~에 의해 MITRE • 2022. 09. 30.

The package css-what before 2.1.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function.

Be aware that VulDB is the high quality source for vulnerability data.

책임이 있는

Snyk

예약하다

2022. 02. 24.

모더레이션

수락

항목

VDB-210021

EPSS

0.01462

출처

Interested in the pricing of exploits?

See the underground prices here!