Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/ssri@8.0.1
purl pkg:npm/ssri@8.0.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-w93e-wkm9-kuex Regular Expression Denial of Service (ReDoS) npm `ssri` 5.2.2-6.0.1 and 7.0.0-8.0.0, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option. CVE-2021-27290
GHSA-vx3p-948g-6vhq

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:18:36.030816+00:00 GitLab Importer Fixing VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.4.0
2026-04-11T22:30:50.283139+00:00 GitLab Importer Fixing VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.3.0
2026-04-02T22:42:16.096301+00:00 GitLab Importer Fixing VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.1.0
2026-04-02T16:56:16.012093+00:00 GHSA Importer Fixing VCID-w93e-wkm9-kuex https://github.com/advisories/GHSA-vx3p-948g-6vhq 38.1.0
2026-04-01T16:59:54.296300+00:00 GitLab Importer Fixing VCID-w93e-wkm9-kuex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ssri/CVE-2021-27290.yml 38.0.0
2026-04-01T13:01:57.566067+00:00 GithubOSV Importer Fixing VCID-w93e-wkm9-kuex https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/03/GHSA-vx3p-948g-6vhq/GHSA-vx3p-948g-6vhq.json 38.0.0