CVE-2021-3810
Published on: 09/17/2021 12:00:00 AM UTC
Last Modified on: 05/12/2022 01:02:00 AM UTC
CVE-2021-3810 - advisory for 38888513-30fc-4d8f-805d-34070d60e223
Source: Mitre Source: Nist Print: PDF
Certain versions of Code-server from Coder contain the following vulnerability:
code-server is vulnerable to Inefficient Regular Expression Complexity
- CVE-2021-3810 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software:
cdr - cdr/code-server version < 3.12.0
CVSS3 Score: 7.5 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | NONE | NONE | HIGH |
CVSS2 Score: 7.8 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | NONE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
[Security] Fix ReDoS · cdr/[email protected] · GitHub | github.com text/html |
![]() |
huntr: Disclose & Fix Security Vulnerabilities in Open Source | huntr.dev text/html Inactive LinkNot Archived |
![]() |
Related QID Numbers
- 980854 Nodejs (npm) Security Update for code-server (GHSA-49x3-8228-3w3m)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Coder | Code-server | All | All | All | All |
- cpe:2.3:a:coder:code-server:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
CVE-2021-3810 : code-server is vulnerable to Inefficient Regular Expression Complexity... cve.report/CVE-2021-3810 | 2021-09-17 06:22:12 |
![]() |
CVE-2021-3810 code-server is vulnerable to Inefficient Regular Expression Complexity (CVSS:0.0) (Last Update:2021-0… twitter.com/i/web/status/1… | 2021-09-18 07:09:50 |