Open RobertMickleCx opened 1 year ago
Vulnerable Package issue exists @ Npm-lodash-4.17.20 in branch master
Lodash before 4.17.21 is vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
Namespace: RobertMickleCx Repository: NodeGoat Repository Url: https://github.com/RobertMickleCx/NodeGoat CxAST-Project: RobertMickleCx/NodeGoat CxAST platform scan: e7941f4d-fb14-4e6e-9cdc-c12dbbe3cdc7 Branch: master Application: NodeGoat Severity: MEDIUM State: NOT_IGNORED Status: RECURRENT CWE: CWE-400
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: LOW Remediation Upgrade Recommendation: 4.17.21
References Advisory Pull request Commit
Vulnerable Package issue exists @ Npm-lodash-4.17.20 in branch master
Lodash before 4.17.21 is vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
Namespace: RobertMickleCx Repository: NodeGoat Repository Url: https://github.com/RobertMickleCx/NodeGoat CxAST-Project: RobertMickleCx/NodeGoat CxAST platform scan: e7941f4d-fb14-4e6e-9cdc-c12dbbe3cdc7 Branch: master Application: NodeGoat Severity: MEDIUM State: NOT_IGNORED Status: RECURRENT CWE: CWE-400
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: LOW Remediation Upgrade Recommendation: 4.17.21
References Advisory Pull request Commit