logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-25918

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-25918

Description:
The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function.
Last updated date:
08/08/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/28/2022
Reference url to background

https://security.snyk.io/vuln/SNYK-JS-SHESCAPE-3061108

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy