• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-Other

CVE-2021-23426

February 23, 2023 by

This affects all versions of package Proto. It is possible to inject pollute the object property of an application using Proto by leveraging the merge function.

CVE-2021-23446

February 23, 2023 by

The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in Handsontable.helper.isNumeric function.

CVE-2021-23490

February 23, 2023 by

The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the checkHeader function.

CVE-2021-23362

February 23, 2023 by

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.

CVE-2021-23364

February 23, 2023 by

The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.

CVE-2021-23382

February 23, 2023 by

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*s* sourceMappingURL=(.*).

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 812
  • Go to page 813
  • Go to page 814
  • Go to page 815
  • Go to page 816
  • Interim pages omitted …
  • Go to page 940
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE