Vulnerability Database
Blog
FAQ
GHSA-3f2q-6294-fmq5
Source
https://github.com/advisories/GHSA-3f2q-6294-fmq5
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-3f2q-6294-fmq5/GHSA-3f2q-6294-fmq5.json
Aliases
CVE-2023-46402
Published
2023-11-18T00:30:17Z
Modified
2023-11-28T23:14:24Z
Details
git-urls version 1.0.1 is vulnerable to ReDOS (Regular Expression Denial of Service) in Go package.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-46402
https://gist.github.com/6en6ar/7c2424c93e7fbf2b6fc44e7fb9acb95d
https://github.com/whilp/git-urls
Affected packages
Go
/
github.com/whilp/git-urls
Package
Name
github.com/whilp/git-urls
Affected ranges
Type
SEMVER
Events
Introduced
0
The exact introduced commit is unknown
Last affected
1.0.1
GHSA-3f2q-6294-fmq5 - OSV