cve/2020/CVE-2020-7753.md

CVE-2020-7753

Description

All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

POC

Reference

• https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132
• https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132
• https://snyk.io/vuln/SNYK-JS-TRIM-1017038
• https://snyk.io/vuln/SNYK-JS-TRIM-1017038

Github

• https://github.com/davidrgfoss/davidrgfoss
• https://github.com/davidrgfoss/davidrgfoss-web
• https://github.com/seal-community/patches
• https://github.com/yetingli/PoCs