Lucene search
GoogleOSV:CVE-2018-3738HistoryJun 07, 2018 - 2:29 a.m.
CVE-2018-3738
2018-06-0702:29:08
Google
osv.dev
4
0.001 Low
EPSS
Percentile
26.4%
protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| protobuf.js | eq | 6.7.1 | |
| protobuf.js | eq | 6.5.2 | |
| protobuf.js | eq | 6.4.0 | |
| protobuf.js | eq | 6.8.4 | |
| protobuf.js | eq | 6.0.1 | |
| protobuf.js | eq | 6.2.1 | |
| protobuf.js | eq | 6.6.3 | |
| protobuf.js | eq | 6.8.3 | |
| protobuf.js | eq | 6.2.0 | |
| protobuf.js | eq | 6.7.3 |
References
Related
cvelist
cvelist
CVE-2018-3738
2018-04-26 00:00:00
hackerone
hackerone
prion
prion
Code injection
2018-06-07 02:29:00
nvd
nvd
CVE-2018-3738
2018-06-07 02:29:08
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2018-04-03 04:54:20
cve
cve
CVE-2018-3738
2018-06-07 02:29:08
osv
osv
Denial of Service in protobufjs
2018-10-09 00:27:15
github
github
Denial of Service in protobufjs
2018-10-09 00:27:15