Regular Expression Denial of Service in fresh
High severity
GitHub Reviewed
Published
Jul 24, 2018
to the GitHub Advisory Database
•
Updated Sep 8, 2023
Description
Published to the GitHub Advisory Database
Jul 24, 2018
Reviewed
Jun 16, 2020
Last updated
Sep 8, 2023
Affected versions of
fresh
are vulnerable to regular expression denial of service when parsing specially crafted user input.Recommendation
Update to version 0.5.2 or later.
References