CVE Details
Basic Information
| Title | chinese-poetry server.js redos |
|---|---|
| Type | cve |
| Published | 2025-07-14T06:14:06.008Z |
| Modified | 2025-07-14T06:14:06.008Z |
Product Information
| Vendor | n/a |
|---|---|
| Product | chinese-poetry |
| Version | 0.1 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the server.js file of the chinese-poetry package version 0.1. This issue can lead to inefficient regular expression processing, potentially causing performance issues. The vulnerability can be exploited remotely, and the exploit details have been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Chinese Poetry Community |
| AI Product | chinese-poetry |
| AI Version | 0.1 |
| AI Score | 5.3 |
Affected Products
- n/a chinese-poetry 0.1
Additional Information
| CWE List | CWE-1333, CWE-400 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in chinese-poetry 0.1. It has been rated as problematic. This issue affects some unknown processing of the file rank/server.js. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.