Skip to content

fix(security): fix ReDoS in Regex #4158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 13, 2021
Merged

fix(security): fix ReDoS in Regex #4158

merged 1 commit into from
Sep 13, 2021

Conversation

jsjoeio
Copy link
Contributor

@jsjoeio jsjoeio commented Sep 13, 2021

Fix potential ReDoS.

Reported by security researchers at huntr.dev and emailed to [email protected]

Fixes N/A

@ready-research
[Security] Fix ReDoS
ca617df 
Fix potential ReDoS
@jsjoeio jsjoeio added the security Security related label Sep 13, 2021
@jsjoeio jsjoeio added this to the 3.12.0 milestone Sep 13, 2021
@jsjoeio jsjoeio self-assigned this Sep 13, 2021
@jsjoeio jsjoeio requested a review from a team as a code owner September 13, 2021 20:38
@jsjoeio jsjoeio changed the title [Security] Fix ReDoS fix(security): fix ReDoS in Regex Sep 13, 2021
@codecov
Copy link

codecov bot commented Sep 13, 2021

Codecov Report

Merging #4158 (fa6ca21) into main (bc3acb0) will not change coverage.
The diff coverage is n/a.

❗ Current head fa6ca21 differs from pull request most recent head ca617df. Consider uploading reports for the commit ca617df to get more accurate results
Impacted file tree graph

@@           Coverage Diff           @@
##             main    #4158   +/-   ##
=======================================
  Coverage   64.22%   64.22%           
=======================================
  Files          36       36           
  Lines        1873     1873           
  Branches      379      379           
=======================================
  Hits         1203     1203           
  Misses        569      569           
  Partials      101      101
Impacted Files Coverage Δ
src/node/util.ts 81.53% <ø> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bc3acb0...ca617df. Read the comment docs.

@jsjoeio jsjoeio merged commit 1d4ffda into coder:main Sep 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jawnsy jawnsy jawnsy approved these changes

Assignees

@jsjoeio jsjoeio

Labels
security Security related
Projects
None yet
Milestone
3.12.0
Development

Successfully merging this pull request may close these issues.
3 participants
@jsjoeio @jawnsy @ready-research