Ssri Project

ssri_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Ssri

ssri

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-27290 3Oracle SiemensSsri Project 3Graalvm Sinec Infrastructure Network ServicesSsri Nov 21, 2024 Mar 12, 2021 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issu...Show more ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.Show less
CVE-2018-7651 1Ssri Project 1Ssri Nov 21, 2024 Mar 4, 2018 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-27290

3Oracle

SiemensSsri Project

3Graalvm

Sinec Infrastructure Network ServicesSsri

Nov 21, 2024

Mar 12, 2021

N/A· v4

7.5 HIGH· v3

4.3 MEDIUM· v2

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issu...Show more

CVE-2018-7651

1Ssri Project

1Ssri

Nov 21, 2024

Mar 4, 2018

N/A· v4

5.9 MEDIUM· v3

4.3 MEDIUM· v2

index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.