Moderate severityNVD Advisory· Published Jan 18, 2023· Updated Aug 5, 2024
melnaron mel-spintax spintax.js redos
CVE-2018-25077
Description
A vulnerability was found in melnaron mel-spintax. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/spintax.js. The manipulation of the argument text leads to inefficient regular expression complexity. The name of the patch is 37767617846e27b87b63004e30216e8f919637d3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218456.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mel-spintaxnpm | < 1.0.3 | 1.0.3 |
Affected products
2- Range: n/a
Patches
Vulnerability mechanics
References
5- github.com/melnaron/mel-spintax/commit/37767617846e27b87b63004e30216e8f919637d3ghsapatchWEB
- github.com/advisories/GHSA-qjm7-55vv-3c5fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-25077ghsaADVISORY
- vuldb.commitresignaturepermissions-required
- vuldb.comghsavdb-entrytechnical-descriptionWEB
News mentions
0No linked articles in our index yet.