configobj@5.0.8 vulnerabilities

Config file reading, writing and validation.

Known vulnerabilities in the configobj package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
L Regular Expression Denial of Service (ReDoS) configobj is a Config file reading, writing and validation. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the `validate` function, using `(.+?)\((.)\)`. Note:* This is only exploitable in the case of a developer, putting the offending value in a server side configuration file. How to fix Regular Expression Denial of Service (ReDoS)? There is no fixed version for `configobj`.	[0,)

configobj is a Config file reading, writing and validation.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\).

Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file.

How to fix Regular Expression Denial of Service (ReDoS)?

There is no fixed version for configobj.

[0,)