Rewterz Threat Advisory – Oracle WebLogic Server Vulnerability
November 3, 2020Rewterz Threat Alert – LokiBot Malware – IOCs
November 3, 2020Rewterz Threat Advisory – Oracle WebLogic Server Vulnerability
November 3, 2020Rewterz Threat Alert – LokiBot Malware – IOCs
November 3, 2020Severity
Medium
Analysis Summary
CVE-2020-7760
Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By using sub-pattern (s|/*.*?*/)*, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
Denial of service
Affected Vendors
NodeJs
Affected Products
Node.js codemirror 5.58.1
Remediation
Upgrade to the latest version of codemirror (5.58.2 or later)..