Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Normalize-url Project Subscribe
Filtered by product Normalize-url
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-33502 1 Normalize-url Project 1 Normalize-url 2021-10-26 5.0 MEDIUM 7.5 HIGH
The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.