CVE Vulnerabilities

CVE-2021-3777

Published: Sep 15, 2021 | Modified: Jul 29, 2022

CVSS 3.x

7.5

HIGH

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.x

7.8 HIGH

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-3777
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

nodejs-tmpl is vulnerable to Inefficient Regular Expression Complexity

Affected Software

Name	Vendor	Start Version	End Version
Tmpl	Tmpl_project	*	1.0.5 (excluding)

References

https://github.com/daaku/nodejs-tmpl/commit/4c654e4d1542f329ed561fd95ccd80f30c6872d6
https://huntr.dev/bounties/a07b547a-f457-41c9-9d89-ee48bee8a4df

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.