CVE-2020-7760

Uncontrolled Resource Consumption in npm/codemirror

Identifier

CVE-2020-7760

Package Slug

npm/codemirror

Vulnerability

Uncontrolled Resource Consumption

Description

There is a ReDOS vulnerability in codemirror which is mainly due to the sub-pattern (s|/.?/)

Affected Versions

All versions before 5.58.2

Solution

Upgrade to version 5.58.2 or above.

Last Modified

2020-11-16

source