Vulnerabilities > CVE-2021-23343 - Unspecified vulnerability in Path-Parse Project Path-Parse
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |