npm package
cookiejar
pkg:npm/cookiejar
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-25901 | — | < 2.1.4 | 2.1.4 | Jan 18, 2023 | Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression. |
- CVE-2022-25901Jan 18, 2023affected < 2.1.4fixed 2.1.4
Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.