First published: Tue Jun 14 2022(Updated: )
An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service (DoS) attack.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
maven/org.javadelight:delight-nashorn-sandbox | <0.3.1 | 0.3.1 |
Javadelight Nashorn Sandbox | =0.2.0 | |
=0.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-40660 is an ReDoS vulnerability in Delight Nashorn Sandbox 0.2.0.
CVE-2021-40660 can be exploited to launch a denial of service (DoS) attack.
CVE-2021-40660 has a severity rating of 7.5 (High).
Delight Nashorn Sandbox versions up to and including 0.2.5 are affected by CVE-2021-40660.
Yes, the issue has been fixed in the latest commit. Please refer to the GitHub link for more information.