All vulnerabilities
CVE-2023-26115
word-wrap vulnerable to Regular Expression Denial of Service
Description
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgrading
Score
5.3
Severity
Medium
Ecosystem
JavaScript
Publish Date
June 22, 2023
Modified Date
February 13, 2025
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Versions

