2 matches found
GHSA-X4HG-HFWF-P9MW @asymmetric-effort/nogginlessdom vulnerable to ReDoS via user-controlled regex in HTMLInputElement pattern validation
Summary The HTMLInputElement.checkValidity method constructed a RegExp directly from the user-controlled pattern property without any sanitization or timeout protection. This allowed an attacker to inject a regex with catastrophic backtracking, freezing the event loop. Fix Fixed in commit...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006574)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006574 advisory. In the Linux kernel, the following vulnerability has been resolved: ext2: Check block size validity during mount Check that log of block size stored in the superbloc...