A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L107 - Exploit, Third Party Advisory | |
References | () https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L38 - Exploit, Third Party Advisory | |
References | () https://github.com/webpack/loader-utils/issues/213 - Issue Tracking, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/ - |
07 Nov 2023, 03:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1333 |
Information
Published : 2022-10-14 16:15
Updated : 2024-11-21 07:15
NVD link : CVE-2022-37603
Mitre link : CVE-2022-37603
CVE.ORG link : CVE-2022-37603
JSON object : View
Products Affected
webpack.js
- loader-utils
CWE
CWE-1333
Inefficient Regular Expression Complexity