3 matches found
@candela/stats (>=0.20.0 <=0.21.0), @candela/vega (>=0.20.0 <=0.23.0) +131 more potentially affected by CVE-2025-26619 via vega (>=1.5.4 <=5.30.0)
vega NPM version =1.5.4, =0.20.0, =0.20.0, =0.3.0, =0.6.0, =1.0.5, =1.2.0, =0.0.2, =0.8.0, =3.1.3 - @jupyterlab/vega3-extension =0.14.3 and more Source cves: CVE-2025-26619 Source advisory: OSV:GHSA-RCW3-WMX7-CPHR...
PT-2024-25971 · Unknown · Ukrsolution Barcode Scanner With Inventory & Order Manager
Name of the Vulnerable Software and Affected Versions: UkrSolution Barcode Scanner with Inventory & Order Manager versions 1.5.4 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. Recommendations: For versions 1.5.4 and earlier, update...
GHSA-M5PQ-GVJ9-9VR8 Rust's regex crate vulnerable to regular expression denial of service
This is a cross-post of the official security advisoryadvisory. The official advisory contains a signed version with our PGP key, as well. advisory: https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw The Rust Security Response WG was notified that the regex crate did not...