Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/ssri@8.0.0
purl pkg:npm/ssri@8.0.0
Next non-vulnerable version 8.0.1
Latest non-vulnerable version 8.0.1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-w93e-wkm9-kuex
Aliases:
CVE-2021-27290
GHSA-vx3p-948g-6vhq
Regular Expression Denial of Service (ReDoS) npm `ssri` 5.2.2-6.0.1 and 7.0.0-8.0.0, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
8.0.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:18:36.027644+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.4.0
2026-04-11T22:30:50.279662+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.3.0
2026-04-02T22:42:16.093095+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.1.0
2026-04-02T16:56:16.008834+00:00 GHSA Importer Affected by VCID-w93e-wkm9-kuex https://github.com/advisories/GHSA-vx3p-948g-6vhq 38.1.0
2026-04-01T16:59:54.292850+00:00 GitLab Importer Affected by VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.0.0
2026-04-01T13:01:57.563792+00:00 GithubOSV Importer Affected by VCID-w93e-wkm9-kuex https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/03/GHSA-vx3p-948g-6vhq/GHSA-vx3p-948g-6vhq.json 38.0.0