GMS-2019-43: Regular Expression Denial of Service

June 7, 2019 (updated February 25, 2021)

A Regular Expression vulnerability was found in nwmatcher The fix replacing multiple repeated instances of the “\s*” pattern.

References

github.com/advisories/GHSA-6394-6h9h-cfjg
github.com/dperini/nwmatcher/commit/9dcc2b039beeabd18327a5ebaa537625872e16f0

Code Behaviors & Features

Detect and mitigate GMS-2019-43 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →