Vulnerabilities > CVE-2021-43309 - Unspecified vulnerability in Litejs Uri-Template-Lite

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
litejs

Summary

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method

Vulnerable Configurations

Part Description Count
Application
Litejs
1