org.webjars.npm:prompts@2.3.2 vulnerabilities
-
latest version
2.4.2
-
latest non vulnerable version
-
first published
5 years ago
-
latest version published
a year ago
-
licenses detected
- [2.0.4,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:prompts package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). An attacker that is able to provide a crafted input to the strip functionality may cause an application to consume an excessive amount of CPU. Note: CVE-2021-3868 was previously assigned to this vulnerability and retracted. PoC
How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,2.4.2)
|