Lucene search
K

12 matches found

OSV
OSV
added 2026/06/30 12:0 a.m.3 views

OPENSUSE-SU-2026:11158-1 perl-JavaScript-Minifier-XS-0.160.0-1.1 on GA media

These are all security issues fixed in the perl-JavaScript-Minifier-XS-0.160.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.8AI score0.00609EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-56018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup free...

7.5CVSS6.2AI score0.00609EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-56017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp...

7.5CVSS5.9AI score0.00488EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 8:17 p.m.3 views

UBUNTU-CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 7:38 p.m.9 views

CVE-2026-56018

CVE-2026-56018 concerns JavaScript::Minifier::XS for Perl with memory leak in versions before 0.16. The root cause is that, in JsMinify (XS.xs), cleanup frees only NodeSet structures but not per-token contents buffers, and JsDiscardNode unlinks nodes without freeing their contents. As a result, e...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:38 p.m.5 views

CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:38 p.m.6 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 7:38 p.m.10 views

CVE-2026-56017

JavaScript::Minifier::XS (Perl) is affected in versions before 0.16. The vulnerability arises when the first meaningful token is a slash; the JsTokenizeString logic examines the previous token and, with no valid preceding token, dereferences a NULL pointer, causing a crash. The public minify() AP...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/29 7:38 p.m.9 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.8AI score0.00488EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.5 views

PT-2026-53732

Name of the Vulnerable Software and Affected Versions JavaScript::Minifier::XS versions prior to 0.16 Description A NULL pointer dereference occurs when the first meaningful token of the input is a slash. The issue resides in the JsTokenizeString function within the XS.xs file, where the regexp...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53733

Name of the Vulnerable Software and Affected Versions JavaScript::Minifier::XS versions prior to 0.16 Description An issue exists where memory is leaked during every call to the minify function. In the XS.xs component, the cleanup process only frees NodeSet structures and fails to free per-token...

7.5CVSS5.8AI score0.00609EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178281

Malicious code in jekyll-deneb-uglify-js-paleobotany npm...

6.6AI score
Exploits0
Rows per page
Query Builder