March 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Node.js css-what module Vulnerability
October 1, 2022Rewterz Threat Advisory – CVE-2022-35280 – IBM Robotic Process Automation Vulnerability
October 1, 2022Rewterz Threat Advisory – Node.js css-what module Vulnerability
October 1, 2022Rewterz Threat Advisory – CVE-2022-35280 – IBM Robotic Process Automation Vulnerability
October 1, 2022
Severity
Medium
Analysis Summary
CVE-2022-24373
Node.js react-native-reanimated module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the parser function of the Colors.js script. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-24373
Affected Vendors
Node.js
Affected Products
- Node.js react-native-reanimated 2.9.1
- Node.js react-native-reanimated 2.9.0
- Node.js react-native-reanimated 3.0.0-rc.0
- Node.js react-native-reanimated 2.8.0
Remediation
Upgrade to the latest version of Node.js react-native-reanimated module, available from the NPM Website.