logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2020-7753 trim

Package

Manager: npm
Name: trim
Vulnerable Version: >=0 <0.0.3

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.06853 pctl0.90988

Details

Regular Expression Denial of Service in trim All versions of package trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

Metadata

Created: 2021-05-10T18:44:22Z
Modified: 2022-04-27T19:19:28Z
Source: MANUAL
CWE IDs: ["CWE-400"]
Alternative ID: GHSA-w5p7-h5w8-2hfq
Finding: F002
Auto approve: 1