CVE-2020-1920
- Source
- https://cve.org/CVERecord?id=CVE-2020-1920
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1920.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-1920
- Aliases
- Published
- 2021-06-01T14:15:08.347Z
- Modified
- 2026-04-12T08:03:56.027297Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1.
- References
Affected packages
Git / github.com/facebook/react-native
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1920.json"
vanir_signatures_modified
"2026-04-12T08:03:56Z"
vanir_signatures
[
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"38648504482845758380890527369223853047",
"237330615071155511770482017833663329878",
"76753654515882591088767598865977268070"
]
},
"source": "https://github.com/facebook/react-native/commit/787567a15014c73b87353b7d418c064c5643e7cc",
"id": "CVE-2020-1920-697b472b",
"signature_type": "Line",
"target": {
"file": "ReactAndroid/src/main/java/com/facebook/react/modules/systeminfo/ReactNativeVersion.java"
}
},
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"181531448390723639034103199115214914710",
"144467566250035608914775916386623595855",
"110479464497664185125002398735225219149",
"184865437213501378424942131855546629974"
]
},
"source": "https://github.com/facebook/react-native/commit/787567a15014c73b87353b7d418c064c5643e7cc",
"id": "CVE-2020-1920-f75ef8f3",
"signature_type": "Line",
"target": {
"file": "ReactCommon/cxxreact/ReactNativeVersion.h"
}
}
]