This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.

...

Mautic 路径遍历漏洞

Mautic is an open source marketing automation software from Mautic Open Source. The software monitors and manages websites, sends emails and manages customer resources. A security vulnerability exists in Mautic versions prior to 5.2.3, which stems from improper path restrictions...

Plone XXE vulnerability (CNVD-2021-01549)

Plone is an open source content management system. A XXE XML External Entity Injection vulnerability exists in Plone versions prior to 5.2.3. An attacker can exploit this vulnerability to conduct XXE attacks...

Linux kernel input validation error vulnerability (CNVD-2019-38522)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An input validation error vulnerability exists in the 'setgeometry' function of the drivers/block/floppy.c file in versions of Linux kernel prior to 5.2.3. The...