[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-27290":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":36,"duplicate_of":9,"upstream":38,"downstream":39,"duplicates":94,"related":95,"reserved_at":9,"published_at":114,"modified_at":115,"state":116,"summary":117,"references_raw":125,"kevs":183,"epss":184,"epss_history":187,"metrics":439,"affected":452},"CVE-2021-27290","ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[19,28],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":9,"platforms":27,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_YETINGLI_SAVERESULTS","Saveresults","github","https://github.com/yetingli/SaveResults/blob/main/pdf/ssri-redos.pdf","poc",0.3,false,[],{"_key":29,"name":30,"source":31,"url":32,"maturity":33,"reliability_score":34,"verified":26,"type":9,"platforms":35,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_B46F59E1F74AD697","Exploit Reference (doyensec.com)","reference","https://doyensec.com/resources/Doyensec_Advisory_ssri_redos.pdf","unknown",0.2,[],[37],"GHSA-vx3p-948g-6vhq",[],[40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":41},"ALPINE-CVE-2021-27290",{"_key":43},"UBUNTU-CVE-2021-27290",{"_key":45},"SUSE-SU-2021:2319-1",{"_key":47},"SUSE-SU-2021:2323-1",{"_key":49},"SUSE-SU-2021:2326-1",{"_key":51},"SUSE-SU-2021:2327-1",{"_key":53},"SUSE-SU-2021:2353-1",{"_key":55},"SUSE-SU-2021:2354-1",{"_key":57},"SUSE-SU-2021:2618-1",{"_key":59},"SUSE-SU-2021:2620-1",{"_key":61},"OPENSUSE-SU-2021:1059-1",{"_key":63},"OPENSUSE-SU-2021:1060-1",{"_key":65},"OPENSUSE-SU-2021:1061-1",{"_key":67},"OPENSUSE-SU-2021:1113-1",{"_key":69},"OPENSUSE-SU-2021:2327-1",{"_key":71},"OPENSUSE-SU-2021:2353-1",{"_key":73},"OPENSUSE-SU-2021:2354-1",{"_key":75},"OPENSUSE-SU-2021:2618-1",{"_key":77},"OPENSUSE-SU-2024:11096-1",{"_key":79},"MGASA-2021-0372",{"_key":81},"DEBIAN-CVE-2021-27290",{"_key":83},"RHSA-2021:2931",{"_key":85},"RHSA-2021:2932",{"_key":87},"RHSA-2021:3073",{"_key":89},"RHSA-2021:3074",{"_key":91},"RHSA-2021:3638",{"_key":93},"RHSA-2021:3639",[],[96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113],{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},"2021-03-12T21:47:41.000Z","2024-08-03T20:48:16.758Z","Modified",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":118,"epss_score":119,"severity":120,"severity_score":121,"severity_version":122,"severity_source":123,"severity_vector":124,"severity_status":116},"low",0.02458,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[126,135,141,145,148,153,158,162,166,170,174,179],{"url":127,"sources":128,"tags":131},"https://npmjs.com",[129,123,130],"cve.org","osv_npm",[132,133,134],"X Refsource MISC","Product","WEB",{"url":136,"sources":137,"tags":138},"https://www.oracle.com/security-alerts/cpuoct2021.html",[129,123,130],[132,139,140,134],"Patch","Third Party Advisory",{"url":32,"sources":142,"tags":143},[129,123,130],[132,144,139,140,134],"Exploit",{"url":23,"sources":146,"tags":147},[129,123,130],[132,144,140,134],{"url":149,"sources":150,"tags":151},"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",[129,123,130],[152,139,140,134],"X Refsource CONFIRM",{"url":154,"sources":155,"tags":156},"https://nvd.nist.gov/vuln/detail/CVE-2021-27290",[130],[157],"Advisory",{"url":159,"sources":160,"tags":161},"https://github.com/npm/ssri/pull/20#issuecomment-842677644",[130],[134],{"url":163,"sources":164,"tags":165},"https://github.com/npm/ssri/commit/76e223317d971f19e4db8191865bdad5edee40d2",[130],[134],{"url":167,"sources":168,"tags":169},"https://github.com/npm/ssri/commit/809c84d09ea87c3857fa171d42914586899d4538",[130],[134],{"url":171,"sources":172,"tags":173},"https://github.com/npm/ssri/commit/b30dfdb00bb94ddc49a25a85a18fb27afafdfbb1",[130],[134],{"url":175,"sources":176,"tags":177},"https://github.com/npm/ssri",[130],[178],"PACKAGE",{"url":180,"sources":181,"tags":182},"https://www.npmjs.com/package/ssri",[130],[134],[],{"date":185,"score":119,"percentile":186},"2026-06-04",0.85514,[188,192,195,198,201,204,207,210,213,216,219,222,225,228,232,236,238,241,244,247,250,253,256,258,261,264,267,269,273,276,279,282,285,287,290,292,295,298,301,304,307,310,312,314,317,320,323,326,328,330,333,336,339,341,344,347,350,352,354,357,360,363,365,367,369,371,373,376,378,380,383,385,388,390,393,395,398,400,403,406,409,412,415,418,421,424,427,430,433,436],{"date":189,"score":190,"percentile":191},"2025-11-04",0.02665,0.85258,{"date":193,"score":190,"percentile":194},"2025-11-05",0.85262,{"date":196,"score":190,"percentile":197},"2025-11-06",0.85265,{"date":199,"score":190,"percentile":200},"2025-11-07",0.85273,{"date":202,"score":190,"percentile":203},"2025-11-08",0.85276,{"date":205,"score":190,"percentile":206},"2025-11-09",0.85272,{"date":208,"score":190,"percentile":209},"2025-11-10",0.85266,{"date":211,"score":190,"percentile":212},"2025-11-11",0.85271,{"date":214,"score":190,"percentile":215},"2025-11-12",0.85282,{"date":217,"score":190,"percentile":218},"2025-11-13",0.8529,{"date":220,"score":190,"percentile":221},"2025-11-14",0.85291,{"date":223,"score":190,"percentile":224},"2025-11-15",0.85285,{"date":226,"score":190,"percentile":227},"2025-11-16",0.85284,{"date":229,"score":230,"percentile":231},"2025-11-17",0.02628,0.8517,{"date":233,"score":234,"percentile":235},"2025-11-18",0.02118,0.82724,{"date":237,"score":234,"percentile":235},"2025-11-19",{"date":239,"score":234,"percentile":240},"2025-11-20",0.82727,{"date":242,"score":230,"percentile":243},"2025-11-21",0.85186,{"date":245,"score":230,"percentile":246},"2025-11-22",0.85182,{"date":248,"score":230,"percentile":249},"2025-11-23",0.85173,{"date":251,"score":230,"percentile":252},"2025-11-24",0.85175,{"date":254,"score":230,"percentile":255},"2025-11-25",0.85171,{"date":257,"score":230,"percentile":249},"2025-11-26",{"date":259,"score":230,"percentile":260},"2025-11-27",0.85174,{"date":262,"score":230,"percentile":263},"2025-11-28",0.85156,{"date":265,"score":230,"percentile":266},"2025-11-29",0.85201,{"date":268,"score":230,"percentile":266},"2025-11-30",{"date":270,"score":271,"percentile":272},"2025-12-01",0.01634,0.81426,{"date":274,"score":271,"percentile":275},"2025-12-02",0.81429,{"date":277,"score":271,"percentile":278},"2025-12-03",0.81428,{"date":280,"score":230,"percentile":281},"2025-12-04",0.85204,{"date":283,"score":230,"percentile":284},"2025-12-05",0.85208,{"date":286,"score":230,"percentile":281},"2025-12-06",{"date":288,"score":230,"percentile":289},"2025-12-07",0.85192,{"date":291,"score":230,"percentile":289},"2025-12-08",{"date":293,"score":230,"percentile":294},"2025-12-09",0.85199,{"date":296,"score":230,"percentile":297},"2025-12-10",0.85221,{"date":299,"score":230,"percentile":300},"2025-12-11",0.85227,{"date":302,"score":230,"percentile":303},"2025-12-12",0.85232,{"date":305,"score":230,"percentile":306},"2025-12-13",0.85229,{"date":308,"score":230,"percentile":309},"2025-12-14",0.85224,{"date":311,"score":230,"percentile":297},"2025-12-15",{"date":313,"score":230,"percentile":300},"2025-12-16",{"date":315,"score":230,"percentile":316},"2025-12-17",0.85231,{"date":318,"score":230,"percentile":319},"2025-12-18",0.85236,{"date":321,"score":230,"percentile":322},"2025-12-19",0.8524,{"date":324,"score":230,"percentile":325},"2025-12-20",0.85233,{"date":327,"score":230,"percentile":319},"2025-12-21",{"date":329,"score":230,"percentile":319},"2025-12-22",{"date":331,"score":230,"percentile":332},"2025-12-23",0.85243,{"date":334,"score":230,"percentile":335},"2025-12-24",0.85248,{"date":337,"score":230,"percentile":338},"2025-12-25",0.85263,{"date":340,"score":230,"percentile":209},"2025-12-26",{"date":342,"score":230,"percentile":343},"2025-12-27",0.85317,{"date":345,"score":230,"percentile":346},"2025-12-28",0.85257,{"date":348,"score":230,"percentile":349},"2025-12-29",0.85255,{"date":351,"score":230,"percentile":194},"2025-12-30",{"date":353,"score":230,"percentile":212},"2025-12-31",{"date":355,"score":271,"percentile":356},"2026-01-01",0.8155,{"date":358,"score":271,"percentile":359},"2026-01-02",0.81546,{"date":361,"score":271,"percentile":362},"2026-01-03",0.81539,{"date":364,"score":230,"percentile":209},"2026-01-04",{"date":366,"score":230,"percentile":191},"2026-01-05",{"date":368,"score":230,"percentile":338},"2026-01-06",{"date":370,"score":230,"percentile":338},"2026-01-07",{"date":372,"score":230,"percentile":206},"2026-01-08",{"date":374,"score":230,"percentile":375},"2026-01-09",0.85275,{"date":377,"score":230,"percentile":212},"2026-01-10",{"date":379,"score":230,"percentile":209},"2026-01-11",{"date":381,"score":230,"percentile":382},"2026-01-12",0.85261,{"date":384,"score":230,"percentile":349},"2026-01-13",{"date":386,"score":230,"percentile":387},"2026-01-14",0.85274,{"date":389,"score":230,"percentile":200},"2026-01-15",{"date":391,"score":230,"percentile":392},"2026-01-16",0.85279,{"date":394,"score":230,"percentile":227},"2026-01-17",{"date":396,"score":230,"percentile":397},"2026-01-18",0.8528,{"date":399,"score":230,"percentile":203},"2026-01-19",{"date":401,"score":230,"percentile":402},"2026-01-20",0.85278,{"date":404,"score":230,"percentile":405},"2026-01-21",0.85283,{"date":407,"score":230,"percentile":408},"2026-01-22",0.85287,{"date":410,"score":230,"percentile":411},"2026-01-23",0.85298,{"date":413,"score":230,"percentile":414},"2026-01-24",0.85307,{"date":416,"score":230,"percentile":417},"2026-01-25",0.85303,{"date":419,"score":230,"percentile":420},"2026-01-26",0.853,{"date":422,"score":230,"percentile":423},"2026-01-27",0.85304,{"date":425,"score":230,"percentile":426},"2026-01-28",0.85309,{"date":428,"score":230,"percentile":429},"2026-01-29",0.85312,{"date":431,"score":230,"percentile":432},"2026-01-30",0.85313,{"date":434,"score":230,"percentile":435},"2026-01-31",0.85314,{"date":437,"score":271,"percentile":438},"2026-02-01",0.81599,[440,450],{"source":123,"cvss_v2_0":441,"cvss_v3_0":9,"cvss_v3_1":446,"cvss_v4_0":9},{"baseScore":442,"baseSeverity":9,"vectorString":443,"impactScore":444,"exploitabilityScore":445},4.3,"AV:N/AC:M/Au:N/C:N/I:N/A:P",2.9,8.6,{"baseScore":121,"baseSeverity":447,"vectorString":124,"impactScore":448,"exploitabilityScore":449},"HIGH",6,10,{"source":130,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":451,"cvss_v4_0":9},{"baseScore":121,"baseSeverity":9,"vectorString":124,"impactScore":448,"exploitabilityScore":449},[453,474,484,492],{"ecosystem":454,"name":455,"vendor":454,"product":455,"cpe_part":9,"purl_type":456,"purl_namespace":9,"purl_name":455,"source":9,"versions":457},"Npm","ssri","npm",[458,466,470],{"version":459,"is_range":460,"range_type":461,"version_start":462,"version_start_type":463,"version_end":464,"version_end_type":465,"fixed_in":9},"gte5_2_2_lt6_0_2",true,"semver","5.2.2","including","6.0.2","excluding",{"version":467,"is_range":460,"range_type":461,"version_start":468,"version_start_type":463,"version_end":469,"version_end_type":465,"fixed_in":9},"gte7_0_0_lt7_1_1","7.0.0","7.1.1",{"version":471,"is_range":460,"range_type":461,"version_start":472,"version_start_type":463,"version_end":473,"version_end_type":465,"fixed_in":9},"gte8_0_0_lt8_0_1","8.0.0","8.0.1",{"ecosystem":9,"name":475,"vendor":476,"product":475,"cpe_part":477,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":478},"graalvm","oracle","a",[479,482],{"version":480,"is_range":26,"range_type":481,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.3.3","cpe",{"version":483,"is_range":26,"range_type":481,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"21.2.0",{"ecosystem":9,"name":485,"vendor":486,"product":487,"cpe_part":477,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":488},"sinec infrastructure network services","siemens","sinec_infrastructure_network_services",[489],{"version":490,"is_range":460,"range_type":481,"version_start":9,"version_start_type":9,"version_end":491,"version_end_type":465,"fixed_in":9},"lt1.0.1.1","1.0.1.1",{"ecosystem":9,"name":455,"vendor":493,"product":455,"cpe_part":477,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"ssri_project",[495,497],{"version":496,"is_range":460,"range_type":481,"version_start":462,"version_start_type":463,"version_end":464,"version_end_type":465,"fixed_in":9},"gte5.2.2_lt6.0.2",{"version":498,"is_range":460,"range_type":481,"version_start":468,"version_start_type":463,"version_end":473,"version_end_type":465,"fixed_in":9},"gte7.0.0_lt8.0.1"]