Lucene search
GoogleOSV:CVE-2021-23364HistoryApr 28, 2021 - 4:15 p.m.
CVE-2021-23364
2021-04-2816:15:08
Google
osv.dev
10
browserslist
vulnerability
regular expression denial of service
parsing
queries
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
References
github.com/browserslist/browserslist/blob/e82f32d1d4100d6bc79ea0b6b6a2d281a561e33c/index.js%23L472-L474
github.com/browserslist/browserslist/commit/c091916910dfe0b5fd61caad96083c6709b02d98
github.com/browserslist/browserslist/pull/593
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1277182
snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194
Related
nodejs
nodejs
Regular Expression Denial of Service
2021-05-24 19:56:39
ibm
ibm
Security Bulletin: Open Source Dependency Vulnerability
2023-05-15 18:11:50
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-04-23 01:46:56
redhatcve
redhatcve
CVE-2021-23364
2021-04-30 17:49:22
cve
cve
CVE-2021-23364
2021-04-28 16:15:08
debiancve
debiancve
CVE-2021-23364
2021-04-28 16:15:08
ubuntucve
ubuntucve
CVE-2021-23364
2021-04-28 00:00:00
osv
osv
Regular Expression Denial of Service in browserslist
2021-05-24 19:52:40
github
github
Regular Expression Denial of Service in browserslist
2021-05-24 19:52:40
prion
prion
Design/Logic Flaw
2021-04-28 16:15:00
cvelist
cvelist
CVE-2021-23364 Regular Expression Denial of Service (ReDoS)
2021-04-28 15:35:19
nvd
nvd
CVE-2021-23364
2021-04-28 16:15:08
redhat
redhat