MidnightBSD

Advisories for word-wrap_project

CVE-2023-26115

All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
report@snyk.io 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
word-wrap_project word-wrap *