Vulnerabilities (CVE)

Filtered by vendor Npmjs Subscribe
Filtered by product Hosted-git-info
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23362 2 Npmjs, Siemens 2 Hosted-git-info, Sinec Infrastructure Network Services 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.