---

CVE-2021-23362 - log back

CVE-2021-23362 edited at 02 Jul 2021 08:53:16
References	https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/#npm-upgrade-hosted-git-info-regular-expression-denial-of-service-redos-medium-cve-2021-23362 + https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355 + https://github.com/npm/hosted-git-info/pull/76 + https://github.com/npm/hosted-git-info/commit/bede0dc38e1785e732bf0a48ba6f81a4a908eba3

CVE-2021-23362 edited at 02 Jul 2021 08:47:24
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ A security issue has been found in Node.js before versions 16.4.1, 14.17.2 and 12.22.2. There is a vulnerability in the hosted-git-info npm module which may be vulnerable to denial of service attacks.
References	+ https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/#npm-upgrade-hosted-git-info-regular-expression-denial-of-service-redos-medium-cve-2021-23362
Notes

CVE-2021-23362 created at 02 Jul 2021 08:44:36