High severityNVD Advisory· Published May 28, 2021· Updated Aug 3, 2024
CVE-2021-33623
CVE-2021-33623
Description
The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
trim-newlinesnpm | < 3.0.1 | 3.0.1 |
trim-newlinesnpm | >= 4.0.0, < 4.0.1 | 4.0.1 |
Affected products
2- Node.js/trim-newlinesdescription
Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-7p7h-4mm5-852vghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-33623ghsaADVISORY
- github.com/sindresorhus/trim-newlines/commit/25246c6ce5eea1c82d448998733a6302a4350d91ghsaWEB
- github.com/sindresorhus/trim-newlines/commit/b10d5f4afef832b16bc56d49fc52c68cbd403869ghsaWEB
- github.com/sindresorhus/trim-newlines/releases/tag/v4.0.1ghsaWEB
- lists.debian.org/debian-lts-announce/2022/12/msg00033.htmlghsamailing-listWEB
- security.netapp.com/advisory/ntap-20210702-0007ghsaWEB
- www.npmjs.com/package/trim-newlinesghsaWEB
- security.netapp.com/advisory/ntap-20210702-0007/mitre
News mentions
0No linked articles in our index yet.