High severityNVD Advisory· Published Jan 11, 2023· Updated Nov 25, 2024
Prestaul skeemas base.js redos
CVE-2018-25074
Description
A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the argument uri leads to inefficient regular expression complexity. The patch is named 65e94eda62dc8dc148ab3e59aa2ccc086ac448fd. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218003.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
skeemasnpm | < 1.2.5 | 1.2.5 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/Prestaul/skeemas/commit/65e94eda62dc8dc148ab3e59aa2ccc086ac448fdghsapatchWEB
- github.com/advisories/GHSA-qv66-f876-vjvrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-25074ghsaADVISORY
- vuldb.comghsasignaturepermissions-requiredWEB
- vuldb.comghsavdb-entrytechnical-descriptionWEB
News mentions
0No linked articles in our index yet.