CVE-2022-37603

A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...

loader-utils 安全漏洞

loader-utils is a webpack open source utility for the webpack loader. A security vulnerability exists in loader-utils version 2.0.0, which stems from a regular expression denial of service ReDoS vulnerability via the inclusion of a url variable in interpolateName.js...

CVE-2022-37603

CVE-2022-37603 describes a Regular Expression Denial of Service (ReDoS) in webpack-loader-utils, specifically in Function interpolateName.js (interpolateName.js) via the url variable. The issue affects loader-utils v2.0.0 and can lead to DoS conditions in applications that process input using thi...

CVE-2022-37603

A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...

PT-2022-24024

Name of the Vulnerable Software and Affected Versions webpack loader-utils version 2.0.0 webpack loader-utils versions prior to 1.4.2 webpack loader-utils versions prior to 2.0.4 webpack loader-utils versions prior to 3.2.1 Description A Regular expression denial of service ReDoS flaw was found i...

CVE-2022-37603

A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 06demo-1 (=1.0.0) +34038 more potentially affected by CVE-2022-37601 via loader-utils (>=0.1.2 <=1.4.0)

loader-utils NPM version =0.1.2, =1.0.1, =1.1.0 - 06demo-1 =1.0.0 - 0726react =0.1.1 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...

0xgank-tea-advice-pull (=1.0.0), 0xgank-tea-balance-pencil (=1.0.0) +8769 more potentially affected by CVE-2022-37601 via loader-utils (>=2.0.0 <=2.0.2)

loader-utils NPM version =2.0.0, =2.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on loader-utils and may be impacted: - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0...

Prototype pollution in webpack loader-utils

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils prior to version 2.0.3 via the name variable in parseQuery.js...

GHSA-76P3-8JX3-JPFQ Prototype pollution in webpack loader-utils

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils prior to version 2.0.3 via the name variable in parseQuery.js...

AZL-26161 CVE-2022-37601 affecting package reaper for versions less than 3.1.1-3

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

DEBIAN-CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

Code injection

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils 2.0.0 via the name variable in parseQuery.js...

UBUNTU-CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

@alfresco/adf-testing (=6.0.0-A.2-8258), @angular-architects/build-angular (=14.2.0-next.0) +54 more potentially affected by CVE-2022-37599 via loader-utils (>=3.0.0 <=3.2.0)

loader-utils NPM version =3.0.0, =0.9.2, =13.0.0, =1.0.0, =1.3.1, =13.0.0-rc.18, =3.9.0, =13.0.0, =0.1.0, =1.7.4, =4.7.1-beta.0, =4.7.1-beta.0, =9.1.3-beta.1 and more Source cves: CVE-2022-37599 Source advisory: OSV:GHSA-HHQ3-FF78-JV3G...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +14916 more potentially affected by CVE-2022-37599 via loader-utils (>=1.0.0 <=1.4.1)

loader-utils NPM version =1.0.0, =1.0.1, =1.0.5, =0.1.0, =0.1.0, =1.0.3, =0.1.0, =0.1.2, =0.0.2, =0.3.0, =0.1.4, =0.1.6 and more Source cves: CVE-2022-37599 Source advisory: OSV:GHSA-HHQ3-FF78-JV3G...

loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS)

A regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils via the resourcePath variable in interpolateName.js. A badly or maliciously formed string could be used to send crafted requests that cause a system to crash or ta...