85 matches found
steal Inefficient Regular Expression Complexity vulnerability via string variable
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the string variable in babel.js...
CVE-2022-37259
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the string variable in babel.js...
CVE-2022-37265
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js...
Code injection
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js...
CVE-2022-37265
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js...
CVE-2022-37265
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js...
CVE-2022-37265
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js...
CVE-2022-37265
CVE-2022-37265 : A prototype pollution vulnerability affects stealjs steal version 2.2.4 via the alias variable in babel.js. Multiple connected sources (GHSA, Veracode, NVD, Red Hat) describe that an attacker can inject properties into existing object prototypes (e.g., proto , constructor, protot...
CVE-2022-37259
CVE-2022-37259 affects stealjs/steal version 2.2.4. The root cause is a Regular Expression Denial of Service (ReDoS) flaw exposed via a string variable in babel.js. The CVSS metrics indicate Network attack vector, low attack complexity, no privileges or user interaction, with availability impact ...
CVE-2022-37259
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the string variable in babel.js...
CVE-2022-37259
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the string variable in babel.js...
steal 资源管理错误漏洞
steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal version 2.2.4, which stems from a regular expression denial of service ReDoS vulnerability triggered onealjs...
steal 安全漏洞
steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal version 2.2.4, which stems from prototype contamination via alias variables in babel.js...
GHSA-GVJW-8MMR-8F6G steal vulnerable to Prototype Pollution
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...
steal vulnerable to Prototype Pollution
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...
CVE-2022-37258
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...
CVE-2022-37258
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...
Code injection
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...
CVE-2022-37258
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...
CVE-2022-37258
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...