CVE-2022-25901

cookiejar Regular Expression Denial of Service via Cookie.parse function in maven/org.webjars.npm/cookiejar

Identifiers

GHSA-h452-7996-h45h, CVE-2022-25901

Package Slug

maven/org.webjars.npm/cookiejar

Vulnerability

cookiejar Regular Expression Denial of Service via Cookie.parse function

Description

Versions of the package cookiejar before 2.1.4 is vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.

Affected Versions

All versions up to 2.1.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-24

source