CVE-2021-23343

Summary

All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.

Affected Software

VendorProductVersion RangeStatus
n/apath-parse0 < unspecifiedaffected

Weaknesses

  • Regular Expression Denial of Service (ReDoS)

ADP Enrichment

CVE Program Container

Additional References

References