Lucene search
K

85 matches found

CNNVD
CNNVD
added 2022/09/15 12:0 a.m.4 views

steal 安全漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which results in a steal Regular Expression Denial of Service ReDoS via input variables in main.js...

7.5CVSS7.3AI score0.01017EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/15 12:0 a.m.4 views

steal 安全漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which stems from prototype contamination of function extend in StealJS via the key variable in babel....

9.8CVSS8.2AI score0.01055EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/15 12:0 a.m.3 views

steal 资源管理错误漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which originates from a StealJS Regular Expression Denial of Service ReDoS via the source and...

7.5CVSS7.3AI score0.01079EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.4 views

PT-2022-23903 · Stealjs · Stealjs

Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4 Description: A Regular Expression Denial of Service ReDoS flaw was found in the source and sourceWithComments variables in main.js. This issue can cause a denial of service. Recommendations: For version 2.2.4,...

7.5CVSS7.2AI score0.01079EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.5 views

PT-2022-23906 · Stealjs · Stealjs

Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4 Description: The issue is related to a prototype pollution vulnerability in the extend function in babel.js within stealjs steal. This vulnerability is exploited via the key variable in babel.js. Recommendations: F...

9.8CVSS9.2AI score0.01055EPSS
Exploits0References8
Rows per page
Query Builder