detect-secrets@0.12.0 vulnerabilities

Tool for detecting secrets in the codebase

Direct Vulnerabilities

Known vulnerabilities in the detect-secrets package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Regular Expression Denial of Service (ReDoS)

detect-secrets is a Tool for detecting secrets in the codebase

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) results in catastrophic backtracking associated with the indirect reference heuristic.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade detect-secrets to version 1.2.0 or higher.

[,1.2.0)