Skip to content

mel-spintax has Inefficient Regular Expression Complexity

Moderate severity GitHub Reviewed Published Jan 18, 2023 to the GitHub Advisory Database • Updated Jan 20, 2023

Package

npm mel-spintax (npm)

Affected versions

< 1.0.3

Patched versions

1.0.3

Description

A vulnerability was found in melnaron mel-spintax. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/spintax.js. The manipulation of the argument text leads to inefficient regular expression complexity. The name of the patch is 37767617846e27b87b63004e30216e8f919637d3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218456.

References

Published by the National Vulnerability Database Jan 18, 2023
Published to the GitHub Advisory Database Jan 18, 2023
Last updated Jan 20, 2023
Reviewed Jan 20, 2023

Severity

Moderate

EPSS score

0.121%
(48th percentile)

Weaknesses

CVE ID

CVE-2018-25077

GHSA ID

GHSA-qjm7-55vv-3c5f

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.