We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
String manipulation extensions for Underscore.js javascript library.
Library home page: https://registry.npmjs.org/underscore.string/-/underscore.string-3.3.5.tgz
Path to dependency file: recipe/doc-site/package.json
Path to vulnerable library: recipe/doc-site/node_modules/underscore.string/package.json
Dependency Hierarchy:
Found in HEAD commit: c5ff05bacef70f1c9798f09f66af5241fdcdc243
Found in base branch: main
Regular Expression Denial of Service (ReDoS) vulnerability was found in underscore.string 2.4.0 through 3.3.5.
Publish Date: 2017-09-08
URL: WS-2017-3772
Base Score Metrics:
The text was updated successfully, but these errors were encountered:
No branches or pull requests
WS-2017-3772 - High Severity Vulnerability
Vulnerable Library - underscore.string-3.3.5.tgz
String manipulation extensions for Underscore.js javascript library.
Library home page: https://registry.npmjs.org/underscore.string/-/underscore.string-3.3.5.tgz
Path to dependency file: recipe/doc-site/package.json
Path to vulnerable library: recipe/doc-site/node_modules/underscore.string/package.json
Dependency Hierarchy:
Found in HEAD commit: c5ff05bacef70f1c9798f09f66af5241fdcdc243
Found in base branch: main
Vulnerability Details
Regular Expression Denial of Service (ReDoS) vulnerability was found in underscore.string 2.4.0 through 3.3.5.
Publish Date: 2017-09-08
URL: WS-2017-3772
CVSS 3 Score Details (7.5)
Base Score Metrics:
The text was updated successfully, but these errors were encountered: