CVE-2022-36034: Polynomial regular expression used on uncontrolled data in nitrado.js
(updated )
nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of {{
and with many repetitions of {{|
. This issue has been patched in all versions above 0.2.5
. There are currently no known workarounds.
References
Detect and mitigate CVE-2022-36034 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →