Lucene search
PRIOn knowledge basePRION:CVE-2022-25901HistoryJan 18, 2023 - 5:15 a.m.
Design/Logic Flaw
2023-01-1805:15:00
PRIOn knowledge base
www.prio-n.com
5
redos
cookiejar
insecure regex
Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.
References
github.com/bmeck/node-cookiejar/blob/master/cookiejar.js%23L73
github.com/bmeck/node-cookiejar/pull/39
github.com/bmeck/node-cookiejar/pull/39/commits/eaa00021caf6ae09449dde826108153b578348e5
lists.debian.org/debian-lts-announce/2023/09/msg00008.html
security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3176681
security.snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984
Related
ubuntucve
ubuntucve
CVE-2022-25901
2023-01-18 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3561-1)
2023-09-12 00:00:00
nessus
nessus
Debian DLA-3561-1 : node-cookiejar - LTS security update
2023-09-12 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2023-01-24 04:53:25
debiancve
debiancve
CVE-2022-25901
2023-01-18 05:15:11
osv
osv
cookiejar Regular Expression Denial of Service via Cookie.parse function
2023-01-18 06:31:03
node-cookiejar - security update
2023-09-11 00:00:00
debian
debian
[SECURITY] [DLA 3561-1] node-cookiejar security update
2023-09-12 01:00:43
nvd
nvd
CVE-2022-25901
2023-01-18 05:15:11
cve
cve
CVE-2022-25901
2023-01-18 05:15:11
redhatcve
redhatcve
CVE-2022-25901
2023-01-18 09:05:21
github
github
cookiejar Regular Expression Denial of Service via Cookie.parse function
2023-01-18 06:31:03
cvelist
cvelist
CVE-2022-25901
2023-01-18 05:00:01
ibm
ibm
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities (CVE-2022-25901, CVE-2022-24823)
2023-05-17 15:26:55