Url-Regex · Url-Regex · CVE-2020-7661
Name of the Vulnerable Software and Affected Versions:
url-regex versions prior to a fixed version
Description:
The issue is related to a Regular Expression Denial of Service in the url-regex package. An attacker can cause a Denial of Service by providing a very long string in `String.test`. This can lead to uncontrolled resource consumption, allowing a remote attacker to cause a service disruption.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.