zunak/CVE-2024-39249

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-39249 ↗	Jul 1, 2024Monday, 1 July 2024, 20:15	7.5 HIGH	—
Async <= 2.6.4 and <= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function. NOTE: this is disputed by the supplier because there is no realistic threat model: regular expressions are not used with untrusted input.