Vulnerabilites related to nth-check_project - nth-check
cve-2021-3803
Vulnerability from cvelistv5
Published
2021-09-17 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
nth-check is vulnerable to Inefficient Regular Expression Complexity
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| fb55 | fb55/nth-check |
Version: unspecified < 2.0.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:09:08.622Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0", }, { tags: [ "x_transferred", ], url: "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726", }, { name: "[debian-lts-announce] 20230522 [SECURITY] [DLA 3428-1] node-nth-check security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "fb55/nth-check", vendor: "fb55", versions: [ { lessThan: "2.0.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "nth-check is vulnerable to Inefficient Regular Expression Complexity", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1333", description: "CWE-1333 Inefficient Regular Expression Complexity", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-22T00:00:00", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { url: "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0", }, { url: "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726", }, { name: "[debian-lts-announce] 20230522 [SECURITY] [DLA 3428-1] node-nth-check security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html", }, ], source: { advisory: "8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0", discovery: "EXTERNAL", }, title: "Inefficient Regular Expression Complexity in fb55/nth-check", }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2021-3803", datePublished: "2021-09-17T00:00:00", dateReserved: "2021-09-15T00:00:00", dateUpdated: "2024-08-03T17:09:08.622Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-09-17 07:15
Modified
2024-11-21 06:22
Severity ?
Summary
nth-check is vulnerable to Inefficient Regular Expression Complexity
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| security@huntr.dev | https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nth-check_project | nth-check | * | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nth-check_project:nth-check:*:*:*:*:*:*:*:*", matchCriteriaId: "F668383F-6A77-4A7E-AA95-0970943465A6", versionEndExcluding: "2.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "nth-check is vulnerable to Inefficient Regular Expression Complexity", }, { lang: "es", value: "nth-check es vulnerable a una Complejidad de Expresiones Regulares Ineficientes", }, ], id: "CVE-2021-3803", lastModified: "2024-11-21T06:22:28.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-17T07:15:09.153", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726", }, { source: "security@huntr.dev", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0", }, { source: "security@huntr.dev", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1333", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-1333", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }