We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
String manipulation extensions for Underscore.js javascript library.
Library home page: https://registry.npmjs.org/underscore.string/-/underscore.string-3.3.5.tgz
Path to dependency file: webpack-mpa/package.json
Path to vulnerable library: webpack-mpa/node_modules/underscore.string
Dependency Hierarchy:
Found in HEAD commit: 25060c72de86813e8b115b59480dc5299a5f33c7
Found in base branch: master
Regular Expression Denial of Service (ReDoS) vulnerability was found in underscore.string 2.4.0 through 3.3.5.
Publish Date: 2017-09-08
URL: WS-2017-3772
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered:
No branches or pull requests
WS-2017-3772 - High Severity Vulnerability
Vulnerable Library - underscore.string-3.3.5.tgz
String manipulation extensions for Underscore.js javascript library.
Library home page: https://registry.npmjs.org/underscore.string/-/underscore.string-3.3.5.tgz
Path to dependency file: webpack-mpa/package.json
Path to vulnerable library: webpack-mpa/node_modules/underscore.string
Dependency Hierarchy:
Found in HEAD commit: 25060c72de86813e8b115b59480dc5299a5f33c7
Found in base branch: master
Vulnerability Details
Regular Expression Denial of Service (ReDoS) vulnerability was found in underscore.string 2.4.0 through 3.3.5.
Publish Date: 2017-09-08
URL: WS-2017-3772
CVSS 3 Score Details (7.5)
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: