All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Path-parse | Path-parse_project | * | 1.0.7 (excluding) |
| Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 | RedHat | rhacm2/application-ui-rhel8:v2.3.0-120 | * |
| Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 | RedHat | rhacm2/kui-web-terminal-rhel8:v2.3.0-51 | * |
| Red Hat Enterprise Linux 8 | RedHat | nodejs:12-8040020210817133458.522a0ee4 | * |
| Red Hat Enterprise Linux 8 | RedHat | nodejs:14-8040020210817165654.522a0ee4 | * |
| Red Hat Enterprise Linux 8.1 Extended Update Support | RedHat | nodejs:12-8010020210817113128.c27ad7f8 | * |
| Red Hat Enterprise Linux 8.2 Extended Update Support | RedHat | nodejs:12-8020020210817125332.4cda2c84 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-nodejs14-nodejs-0:14.17.5-1.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-nodejs12-nodejs-0:12.22.5-1.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-nodejs12-nodejs-nodemon-0:2.0.3-5.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | RedHat | rh-nodejs14-nodejs-0:14.17.5-1.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | RedHat | rh-nodejs12-nodejs-0:12.22.5-1.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | RedHat | rh-nodejs12-nodejs-nodemon-0:2.0.3-5.el7 | * |
| Red Hat Virtualization Engine 4.4 | RedHat | ovirt-engine-ui-extensions-0:1.2.7-1.el8ev | * |
| RHACS-3.67-RHEL-8 | RedHat | advanced-cluster-security/rhacs-rhel8-operator:3.67.0-3 | * |