Severity: high

Regular Expression Denial of Service

no-case

Overview

Affected versions of no-case are vulnerable to a regular expression denial of service when parsing untrusted user input.

Remediation

Update to version 2.3.2 or later.

Resources

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. reported

    Sep 8th, 2017
  2. published

    Advisory published
    Sep 8th, 2017