PT-2023-10820 · Segmentio · Is-Url
Josdejong
·
Published
2023-02-04
·
Updated
2024-05-17
·
CVE-2018-25079
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Segmentio is-url versions up to 1.2.2
Description
A vulnerability was found in the file index.js, leading to inefficient regular expression complexity. The attack may be launched remotely.
Recommendations
For versions up to 1.2.2, upgrade to version 1.2.3 to address this issue. As a temporary workaround, consider restricting the use of the affected component until a patch is applied.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Is-Url