You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Summary:
Denial of Service in GitHub repository node-fetch/node-fetch prior to 3.2.10.
Details:
nodejs-cve20222596-dos (232616) - reported on 2022-07-31 (Format: yyyy-mm-dd)
Node.js node-fetch module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the isOriginPotentiallyTrustworthy() function in the referrer.js script. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
Consequences: Denial of Service
Remedy:
Upgrade to the latest version of Node.js node-fetch module (3.2.10 or later), available from the NPM Web site. See References.
and plans of updating the version to latest
The text was updated successfully, but these errors were encountered:
Summary:
Denial of Service in GitHub repository node-fetch/node-fetch prior to 3.2.10.
Details:
nodejs-cve20222596-dos (232616) - reported on 2022-07-31 (Format: yyyy-mm-dd)
Node.js node-fetch module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the isOriginPotentiallyTrustworthy() function in the referrer.js script. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
Consequences: Denial of Service
Remedy:
Upgrade to the latest version of Node.js node-fetch module (3.2.10 or later), available from the NPM Web site. See References.
and plans of updating the version to latest
The text was updated successfully, but these errors were encountered: