← volver
CVE-2020-1920

CVE-2020-1920

EPSS 1.4%CWE-1333
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 jun 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1.
Productos afectados
Facebook · react-native

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/facebook/react-native/commit/ca09ae82715e33c9ac77b3fa55495cf84ba891c7https://github.com/facebook/react-native/releases/tag/v0.64.1