CVE-2018-7651

Published March 4th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.

zkat/ssri

Standard Subresource Integrity library for Node.js

GitHub