Devcert Project: >> Devcert Security Vulnerabilities
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method
CVSS Score
5.9
EPSS Score
0.002
Published
2022-06-02
A command injection vulnerability in the `devcert` module may lead to remote code execution when users of the module pass untrusted input to the `certificateFor` function.
CVSS Score
9.8
EPSS Score
0.015
Published
2020-07-10