← voltar
CVE-2020-1920

CVE-2020-1920

EPSS 1.4%CWE-1333
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 jun 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1.
Produtos afetados
Facebook · react-native

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/facebook/react-native/commit/ca09ae82715e33c9ac77b3fa55495cf84ba891c7https://github.com/facebook/react-native/releases/tag/v0.64.1