Donot APT Group Targeting Pakistan – Active IOCs
July 30, 2024Maritime Facilities in Several Countries Targeted by New SideWinder Cyberattacks – Active IOCs
July 30, 2024Donot APT Group Targeting Pakistan – Active IOCs
July 30, 2024Maritime Facilities in Several Countries Targeted by New SideWinder Cyberattacks – Active IOCs
July 30, 2024Severity
High
Analysis Summary
CVE-2024-41655
Node.js tf2-item-format module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-41655
Affected Vendors
Affected Products
- Node.js tf2-item-format tf2-item-format 5.9.13
Remediation
Upgrade to the latest version of tf2-item-format, available from the Node.js GIT Repository.