Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2023-01-18T05:00:01.282Z
Updated: 2024-08-03T04:49:44.454Z
Reserved: 2022-02-24T11:58:22.541Z
Link: CVE-2022-25901
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-18T05:15:11.860
Modified: 2023-11-07T03:44:52.567
Link: CVE-2022-25901
Redhat