mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
993 B
993 B
CVE-2022-25901
&color=brighgreen)
Description
Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.
POC
Reference
- https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3176681
- https://security.snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984