Lucene search
PRIOn knowledge basePRION:CVE-2022-21222HistorySep 30, 2022 - 5:15 a.m.
Design/Logic Flaw
2022-09-3005:15:00
PRIOn knowledge base
www.prio-n.com
3
The package css-what before 2.1.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function.
Related
redhatcve
redhatcve
CVE-2022-21222
2022-09-30 18:18:59
nvd
nvd
CVE-2022-21222
2022-09-30 05:15:08
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-10-03 08:41:44
debiancve
debiancve
CVE-2022-21222
2022-09-30 05:15:08
github
github
css-what vulnerable to ReDoS due to use of insecure regular expression
2022-10-01 00:00:24
osv
osv
css-what vulnerable to ReDoS due to use of insecure regular expression
2022-10-01 00:00:24
CVE-2022-21222
2022-09-30 05:15:08
node-css-what vulnerabilities
2023-05-10 11:13:36
cvelist
cvelist
CVE-2022-21222 Regular Expression Denial of Service (ReDoS)
2022-09-30 00:00:00
cve
cve
CVE-2022-21222
2022-09-30 05:15:08
ubuntucve
ubuntucve
CVE-2022-21222
2022-09-30 00:00:00
nessus
nessus
Debian DLA-3350-1 : node-css-what - LTS security update
2023-03-03 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6065-1)
2023-05-11 00:00:00
Debian: Security Advisory (DLA-3350-1)
2023-03-08 00:00:00
debian
debian
[SECURITY] [DLA 3350-1] node-css-what security update
2023-03-03 10:50:07
ubuntu
ubuntu
css-what vulnerabilities
2023-05-10 00:00:00
ibm
ibm