8 matches found
AZL-49158 CVE-2024-45296 affecting package js-jquery 3.5.0-4
path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...
AZL-45309 CVE-2022-37602 affecting package js-jquery 3.5.0-4
Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js...
AZL-44553 CVE-2022-25858 affecting package js-jquery 3.5.0-4
The package terser before 4.8.1, and from 5.0.0 before 5.14.2, is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions...
AZL-45141 CVE-2022-0436 affecting package js-jquery 3.5.0-4
Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2...
AZL-45156 CVE-2022-0536 affecting package js-jquery 3.5.0-4
Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8...
AZL-44673 CVE-2020-36048 affecting package js-jquery 3.5.0-4
Engine.IO before 4.0.0 allows attackers to cause a denial of service (resource consumption) via a POST request to the long polling transport...
AZL-44940 CVE-2020-28282 affecting package js-jquery 3.5.0-4
Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution...
AZL-44400 CVE-2017-16137 affecting package js-jquery 3.5.0-4
The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the %o formatter. It takes around 50k characters to block for 2 seconds, making this a low severity issue...