Vulnerabilities > CVE-2021-40899 - Unspecified vulnerability in Repo-Git-Downloader Project Repo-Git-Downloader 0.1.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

repo-git-downloader-project

NVD

Published: 2022-06-27

Updated: 2024-11-21

Summary

A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in repo-git-downloader v0.1.1 when downloading crafted invalid git repositories.

Vulnerable Configurations

Part	Description	Count
Application	Repo-Git-Downloader_Project Repo GIT Downloader Project Repo GIT Downloader 0.1.1	1

References

https://github.com/yetingli/SaveResults/blob/main/js/repo-git-downloader.js
https://github.com/yetingli/SaveResults/blob/main/js/repo-git-downloader.js