Regular Expression Denial of Service · GHSA-6394-6h9h-cfjg · GitHub Advisory Database · GitHub

Regular Expression Denial of Service

Moderate severity GitHub Reviewed Published Jun 7, 2019 to the GitHub Advisory Database • Updated Jan 9, 2023

Package

nwmatcher (npm)

Affected versions

< 1.4.4

Patched versions

1.4.4

Description

A Regular Expression vulnerability was found in nwmatcher before 1.4.4. The fix replacing multiple repeated instances of the "\s*" pattern.

References

dperini/nwmatcher@9dcc2b0

Reviewed Jun 7, 2019

Published to the GitHub Advisory Database Jun 7, 2019

Last updated Jan 9, 2023