CVE-2018-25074: Inefficient Regular Expression Complexity

January 11, 2023

A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the argument uri leads to inefficient regular expression complexity. The name of the patch is 65e94eda62dc8dc148ab3e59aa2ccc086ac448fd. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218003.

References

github.com/Prestaul/skeemas/commit/65e94eda62dc8dc148ab3e59aa2ccc086ac448fd
github.com/advisories/GHSA-qv66-f876-vjvr
nvd.nist.gov/vuln/detail/CVE-2018-25074
vuldb.com/?ctiid.218003
vuldb.com/?id.218003

Code Behaviors & Features

Detect and mitigate CVE-2018-25074 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →