← Back

Url Regex

url-regex

Vendor: Url Regex Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-21195
1Url Regex Project
1Url Regex
Nov 21, 2024
May 20, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
All versions of package url-regex are vulnerable to Regular Expression Denial of Service (ReDoS) which can cause the CPU usage to crash.
CVE-2020-7661
1Url Regex Project
1Url Regex
Nov 21, 2024
Jun 4, 2020
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service.