85 matches found
steal 安全漏洞
steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which results in a steal Regular Expression Denial of Service ReDoS via input variables in main.js...
steal 安全漏洞
steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which stems from prototype contamination of function extend in StealJS via the key variable in babel....
steal 资源管理错误漏洞
steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which originates from a StealJS Regular Expression Denial of Service ReDoS via the source and...
PT-2022-23903 · Stealjs · Stealjs
Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4 Description: A Regular Expression Denial of Service ReDoS flaw was found in the source and sourceWithComments variables in main.js. This issue can cause a denial of service. Recommendations: For version 2.2.4,...
PT-2022-23906 · Stealjs · Stealjs
Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4 Description: The issue is related to a prototype pollution vulnerability in the extend function in babel.js within stealjs steal. This vulnerability is exploited via the key variable in babel.js. Recommendations: F...