GHSA-qjm7-55vv-3c5f

Suggest an improvement
Source
https://github.com/advisories/GHSA-qjm7-55vv-3c5f
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-qjm7-55vv-3c5f/GHSA-qjm7-55vv-3c5f.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-qjm7-55vv-3c5f
Aliases
Published
2023-01-18T03:31:17Z
Modified
2023-11-08T04:00:16.080535Z
Summary
mel-spintax has Inefficient Regular Expression Complexity
Details

A vulnerability was found in melnaron mel-spintax. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/spintax.js. The manipulation of the argument text leads to inefficient regular expression complexity. The name of the patch is 37767617846e27b87b63004e30216e8f919637d3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218456.

Database specific 
{
    "github_reviewed_at": "2023-01-20T23:35:16Z",
    "cwe_ids": [
        "CWE-1333"
    ],
    "nvd_published_at": "2023-01-18T01:15:00Z",
    "severity": "MODERATE",
    "github_reviewed": true
}
References

Affected packages

npm / mel-spintax

Package

Name
mel-spintax
View open source insights on deps.dev
Purl
pkg:npm/mel-spintax

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.3