Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1yNHE5LXh4NWctajI0cM4AA7es

s3-url-parser vulnerable to Denial of Service via regexes component

s3-url-parser 1.0.3 is vulnerable to denial of service via the regexes component.

Permalink: https://github.com/advisories/GHSA-r4q9-xx5g-j24p
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yNHE5LXh4NWctajI0cM4AA7es
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 7 months ago
Updated: 5 months ago

CVSS Score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Identifiers: GHSA-r4q9-xx5g-j24p, CVE-2024-25355
References:

Repository: https://github.com/AntonioRecaldeRusso/s3-url-parser
Blast Radius: 4.5

Affected Packages

npm:s3-url-parser

Dependent packages: 3
Dependent repositories: 4
Downloads: 11,745 last month
Affected Version Ranges: = 1.0.3
No known fixed version
All affected versions: