Lucene search
GoogleOSV:CVE-2021-27290HistoryMar 12, 2021 - 10:15 p.m.
CVE-2021-27290
2021-03-1222:15:14
Google
osv.dev
8
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nodejs | eq | 14.15.3-r2 | |
| nodejs | eq | 8.9.2-r0 | |
| nodejs | eq | 6.11.1-r2 | |
| nodejs | eq | 6.10.1-r0 | |
| nodejs | eq | 8.9.3-r0 | |
| hosted-git-info | eq | 5.2.2 | |
| nodejs | eq | 12.18.0-r1 | |
| hosted-git-info | eq | 7.0.0 | |
| nodejs | eq | 4.5.0-r0 | |
| nodejs | eq | 12.18.0-r0 |
Related
debiancve
debiancve
CVE-2021-27290
2021-03-12 22:15:14
prion
prion
Design/Logic Flaw
2021-03-12 22:15:00
ibm
ibm
Security Bulletin: IBM Integration Bus & IBM App Connect Enterprise V11 are affected by vulnerabilities in Node.js (CVE-2021-27290)
2021-08-04 07:47:01
nvd
nvd
CVE-2021-27290
2021-03-12 22:15:14
github
github
Regular Expression Denial of Service (ReDoS)
2021-03-19 21:24:36
cvelist
cvelist
CVE-2021-27290
2021-03-12 21:47:41
cve
cve
CVE-2021-27290
2021-03-12 22:15:14
ubuntucve
ubuntucve
CVE-2021-27290
2021-03-12 00:00:00
redhatcve
redhatcve
CVE-2021-27290
2021-03-22 08:58:41
osv
osv
Regular Expression Denial of Service (ReDoS)
2021-03-19 21:24:36
Moderate: nodejs:12 security, bug fix, and enhancement update
2021-08-10 12:00:47
Moderate: nodejs:14 security, bug fix, and enhancement update
2021-08-10 12:00:51
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-03-15 01:24:07
alpinelinux
alpinelinux
CVE-2021-27290
2021-03-12 22:15:14
nessus
nessus
RHEL 8 : nodejs-ssri (Unpatched Vulnerability)
2024-05-11 00:00:00
Rocky Linux 8 : nodejs:14 (RLSA-2021:3074)
2022-02-09 00:00:00
Oracle Linux 8 : nodejs:14 (ELSA-2021-3074)
2021-08-11 00:00:00
openvas
openvas
Node.js 12.x < 12.22.2, 14.x < 14.17.0 Multiple Vulnerabilities - Mac OS X
2021-07-14 00:00:00
Node.js 12.x < 12.22.2, 14.x < 14.17.0 Multiple Vulnerabilities - Windows
2021-07-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2618-1)
2021-08-06 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2021-07-25 17:45:06
oraclelinux
oraclelinux
nodejs:12 security, bug fix, and enhancement update
2021-08-12 00:00:00
nodejs:14 security, bug fix, and enhancement update
2021-08-12 00:00:00
rocky
rocky
nodejs:12 security, bug fix, and enhancement update
2021-08-10 12:00:47
nodejs:14 security, bug fix, and enhancement update
2021-08-10 12:00:51
redhat
redhat
suse
suse
Security update for nodejs8 (important)
2021-08-05 00:00:00
Security update for nodejs8 (important)
2021-08-10 00:00:00
Security update for nodejs14 (important)
2021-07-15 00:00:00
almalinux
almalinux
Moderate: nodejs:14 security, bug fix, and enhancement update
2021-08-10 12:00:51
Moderate: nodejs:12 security, bug fix, and enhancement update
2021-08-10 12:00:47
archlinux
archlinux
[ASA-202107-13] nodejs: multiple issues
2021-07-06 00:00:00
[ASA-202107-33] nodejs-lts-erbium: multiple issues
2021-07-20 00:00:00
[ASA-202107-32] nodejs-lts-fermium: multiple issues
2021-07-20 00:00:00
freebsd
freebsd
Node.js -- July 2021 Security Releases
2021-07-01 00:00:00
nodejsblog
nodejsblog
July 2021 Security Releases
2021-07-01 00:00:00
kitploit
kitploit
ics
ics
Siemens SINEC INS
2022-03-10 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00