Package details: pkg:npm/ssri@5.2.2
purl pkg:npm/ssri@5.2.2
Next non-vulnerable version 6.0.2
Latest non-vulnerable version 8.0.1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-w93e-wkm9-kuex
Aliases:
CVE-2021-27290
GHSA-vx3p-948g-6vhq
Regular Expression Denial of Service (ReDoS): npm `ssri` 5.2.2-6.0.1 and 7.0.0-8.0.0 processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
6.0.2
Affected by 0 other vulnerabilities.
7.1.1
Affected by 0 other vulnerabilities.
8.0.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-r77r-rudr-sffr
Uncontrolled Resource Consumption: index.js in the ssri module is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.
Aliases:
CVE-2018-7651
GHSA-325j-24f4-qv5x
VCID-raa9-mp3v-57c3
ReDoS: There is a Regular Expression Denial of Service vulnerability in the strict mode functionality.
Aliases:
GMS-2018-11

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:18:35.998781+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.4.0
2026-04-16T20:41:56.003692+00:00 GitLab Importer Fixing VCID-r77r-rudr-sffr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2018-7651.yml 38.4.0
2026-04-16T01:20:31.453619+00:00 GHSA Importer Fixing VCID-r77r-rudr-sffr https://github.com/advisories/GHSA-325j-24f4-qv5x 38.4.0
2026-04-11T22:30:50.247938+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.3.0
2026-04-11T21:52:32.044876+00:00 GitLab Importer Fixing VCID-r77r-rudr-sffr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2018-7651.yml 38.3.0
2026-04-11T12:48:45.533775+00:00 GHSA Importer Fixing VCID-r77r-rudr-sffr https://github.com/advisories/GHSA-325j-24f4-qv5x 38.3.0
2026-04-02T22:42:16.063695+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.1.0
2026-04-02T22:06:19.216355+00:00 GitLab Importer Fixing VCID-r77r-rudr-sffr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2018-7651.yml 38.1.0
2026-04-02T16:56:15.975189+00:00 GHSA Importer Affected by VCID-w93e-wkm9-kuex https://github.com/advisories/GHSA-vx3p-948g-6vhq 38.1.0
2026-04-02T13:43:24.559551+00:00 GHSA Importer Fixing VCID-r77r-rudr-sffr https://github.com/advisories/GHSA-325j-24f4-qv5x 38.1.0
2026-04-01T16:59:54.251363+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.0.0
2026-04-01T15:56:26.963934+00:00 GHSA Importer Fixing VCID-r77r-rudr-sffr https://github.com/advisories/GHSA-325j-24f4-qv5x 38.0.0
2026-04-01T13:03:52.239485+00:00 GithubOSV Importer Fixing VCID-r77r-rudr-sffr https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/03/GHSA-325j-24f4-qv5x/GHSA-325j-24f4-qv5x.json 38.0.0
2026-04-01T12:47:36.245947+00:00 GitLab Importer Fixing VCID-r77r-rudr-sffr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2018-7651.yml 38.0.0
2026-04-01T12:47:34.891724+00:00 GitLab Importer Fixing VCID-raa9-mp3v-57c3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/GMS-2018-11.yml 38.0.0