GHSA-3f2q-6294-fmq5

Source

https://github.com/advisories/GHSA-3f2q-6294-fmq5

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-3f2q-6294-fmq5/GHSA-3f2q-6294-fmq5.json

Aliases

• CVE-2023-46402

Published

2023-11-18T00:30:17Z

Modified

2023-11-28T23:14:24Z

Details

git-urls version 1.0.1 is vulnerable to ReDOS (Regular Expression Denial of Service) in Go package.

References

• https://nvd.nist.gov/vuln/detail/CVE-2023-46402
• https://gist.github.com/6en6ar/7c2424c93e7fbf2b6fc44e7fb9acb95d
• https://github.com/whilp/git-urls