CVE-2021-27290


ssri versions 5.2.2 through 8.0.0 (fixed in 8.0.1) parse SRIs with a regular expression that is vulnerable to regular-expression denial of service: a maliciously crafted SRI can take an extremely long time to process. Only consumers that use the strict option are affected.

Description

The MITRE CVE dictionary describes this issue as:

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.

Additional Information

  • Bugzilla 1941471: CVE-2021-27290 nodejs-ssri: Regular expression DoS when parsing malicious SRI in strict mode
  • CWE-400: Uncontrolled Resource Consumption
  • FAQ: Frequently asked questions about CVE-2021-27290