CVE-2023-30858

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-30858
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-30858.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-30858
Aliases
  • GHSA-w2xx-hjhp-gx5v
Published
2023-04-28T21:15:09Z
Modified
2024-06-06T14:21:24.697536Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The Denosaurs emoji package provides emojis for dinosaurs. Starting in version 0.1.0 and prior to version 0.3.0, the reTrimSpace regex has 2nd degree polynomial inefficiency, leading to a delayed response given a big payload. The issue has been patched in 0.3.0. As a workaround, avoid using the replace, unemojify, or strip functions.

References

Affected packages

Git / github.com/denosaurs/emoji

Affected ranges

Type
GIT
Repo
https://github.com/denosaurs/emoji
Events

Affected versions

0.*

0.1.0
0.1.1
0.1.2
0.2.0
0.2.1