VYPR

Jsx Slack

by Yhatt

Source repositories

CVEs (2)

  • CVE-2021-43843Dec 20, 2021
    risk 0.00cvss epss 0.02

    jsx-slack is a package for building JSON objects for Slack block kit surfaces from JSX. The maintainers found the patch for CVE-2021-43838 in jsx-slack v4.5.1 is insufficient tfor protection from a Regular Expression Denial of Service (ReDoS) attack. If an attacker can put a lot…

  • CVE-2021-43838Dec 17, 2021
    risk 0.00cvss epss 0.01

    jsx-slack is a library for building JSON objects for Slack Block Kit surfaces from JSX. In versions prior to 4.5.1 users are vulnerable to a regular expression denial-of-service (ReDoS) attack. If attacker can put a lot of JSX elements into `` tag, an internal…