Nice Philanthropist Metalhead
no-case

Regular Expression Denial of Service

Severity: high

Overview

Affected versions of no-case are vulnerable to a regular expression denial of service when parsing untrusted user input.

Remediation

Update to version 2.3.2 or later.

Vulnerable versions

2.0.0
2 years ago
2.1.0
2 years ago
2.2.0
2 years ago
2.3.0
2 years ago
2.3.1
2 years ago

Unaffected versions

2.3.2
a year ago

Resources

Advisory timeline

  1. Published

    Advisory published
    Sep 8th, 2017
  2. Reported

    Initial report by Cristian-Alexandru Staicu
    Sep 8th, 2017