Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS00OXgzLTgyMjgtM3czbc0V3w

High EPSS: 0.00248% (0.48185 Percentile) EPSS:
Permalink JSON

Inefficient Regular Expression Complexity in code-server

Affected Packages Affected Versions Fixed Versions
npm:code-server
PURL: pkg:npm/code-server
< 3.12.0 3.12.0
4 Dependent packages
3 Dependent repositories
10,180 Downloads last month

Affected Version Ranges

All affected versions

3.3.0, 3.3.1, 3.4.0, 3.4.1, 3.5.0, 3.6.0, 3.6.1, 3.6.2, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.8.0, 3.8.1, 3.9.0, 3.9.1, 3.9.2, 3.9.3, 3.10.0, 3.10.1, 3.10.2, 3.11.0, 3.11.1

All unaffected versions

3.12.0, 4.0.1, 4.0.2, 4.1.0, 4.2.0, 4.3.0, 4.4.0, 4.5.0, 4.5.1, 4.5.2, 4.6.0, 4.6.1, 4.7.0, 4.7.1, 4.8.0, 4.8.1, 4.8.2, 4.8.3, 4.9.0, 4.9.1, 4.10.0, 4.10.1, 4.11.0, 4.12.0, 4.13.0, 4.14.0, 4.14.1, 4.15.0, 4.16.0, 4.16.1, 4.17.1, 4.18.0, 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.21.0, 4.21.1, 4.21.2, 4.22.0, 4.22.1, 4.23.0, 4.23.1, 4.89.0, 4.89.1, 4.90.0, 4.90.1, 4.90.2, 4.90.3, 4.91.0, 4.91.1, 4.92.2, 4.93.1, 4.95.1, 4.95.2, 4.95.3, 4.96.1, 4.96.2, 4.96.4, 4.97.2, 4.98.0, 4.98.2, 4.99.0, 4.99.1, 4.99.2, 4.99.3, 4.99.4, 4.100.0, 4.100.1, 4.100.2, 4.100.3, 4.101.0, 4.101.1, 4.101.2, 4.102.0, 4.102.1, 4.102.2, 4.102.3, 4.103.0, 4.103.1

code-server is vulnerable to Inefficient Regular Expression Complexity

References:

Identifiers

GHSA-49x3-8228-3w3m

CVE-2021-3810

Risk

Severity

High

EPSS

EPSS Percentage: 0.00248

EPSS Percentile: 0.48185

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/cdr/code-server

Date and time

Published

almost 4 years ago

Updated

over 2 years ago

API

JSON