cve/CVE-2023-26115.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

1.0 KiB

Raw Permalink Blame History

CVE-2023-26115

Description

All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.

POC

Reference

https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-4058657
https://security.snyk.io/vuln/SNYK-JS-WORDWRAP-3149973

Github

https://github.com/git-kick/ioBroker.e3dc-rscp
https://github.com/martinjackson/simple-widgets
https://github.com/seal-community/patches
https://github.com/sebhildebrandt/word-wrap-next

1.0 KiB Raw Permalink Blame History

CVE-2023-26115

Description

POC

Reference

Github

1.0 KiB

Raw Permalink Blame History