35 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2021-1380

Malware in sbrugna...

7.5 CVSS, 7.6 AI score, 0.00172 EPSS
Exploits 0, References 8

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-7138

Malicious code in bioql PyPI...

7.5 CVSS, 7.5 AI score, 0.00272 EPSS
Exploits 1, References 7

Tenable Nessus
added 2025/08/20 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-21222

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr...

7.5 CVSS, 7.1 AI score, 0.00272 EPSS
Exploits 1, References 2

Tenable Nessus
added 2023/05/13 12:0 a.m., 30 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 ESM : css-what vulnerabilities (USN-6065-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6065-1 advisory. It was discovered that css-what incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...

7.5 CVSS, 7.6 AI score, 0.00272 EPSS
Exploits 1, References 3

OpenVAS
added 2023/05/11 12:0 a.m., 24 views

Ubuntu: Security Advisory (USN-6065-1)

The remote host is missing an update for the...

7.5 CVSS, 7.7 AI score, 0.00272 EPSS
Exploits 1, References 2

OSV
added 2023/05/10 11:13 a.m., 0 views

USN-6065-1 node-css-what vulnerabilities

It was discovered that css-what incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-33587, CVE-2022-21222...

7.5 CVSS, 7.2 AI score, 0.00272 EPSS
Exploits 1, References 3

OpenVAS
added 2023/03/08 12:0 a.m., 17 views

Debian: Security Advisory (DLA-3350-1)

The remote host is missing an update for the Debian...

7.5 CVSS, 7.7 AI score, 0.00272 EPSS
Exploits 1, References 4

Debian
added 2023/03/03 10:50 a.m., 11 views

[SECURITY] [DLA 3350-1] node-css-what security update

Debian LTS Advisory DLA-3350-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucaries March 03, 2023 https://wiki.debian.org/LTS -...

7.5 CVSS, 6.3 AI score, 0.00272 EPSS
Exploits 1

OSV
added 2023/03/03 12:0 a.m., 35 views

DLA-3350-1 node-css-what - security update

Bulletin has no description...

7.5 CVSS, 7.5 AI score, 0.00272 EPSS
Exploits 1

Tenable Nessus
added 2023/03/03 12:0 a.m., 25 views

Debian dla-3350 : node-css-what - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3350 advisory. Debian LTS Advisory DLA-3350-1 [email protected]...

7.5 CVSS, 7.4 AI score, 0.00272 EPSS
Exploits 1, References 6

Veracode
added 2022/10/03 8:41 a.m., 22 views

Regular Expression Denial Of Service (ReDoS)

css-what is vulnerable to regular expression denial of service. Regular expression used for re_attr variable of index.js does not sufficiently include superscript in range, allowing an attacker to pass malicious input via the parse function to cause denial of service...

7.5 CVSS, 7.3 AI score, 0.00272 EPSS
Exploits 1, References 4, Affected Software 2

OSV
added 2022/10/01 12:0 a.m., 24 views

GHSA-P28H-CC7Q-C4FG css-what vulnerable to ReDoS due to use of insecure regular expression

The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function...

7.5 CVSS, 7.3 AI score, 0.00272 EPSS
Exploits 1, References 7

vulnersOsv
added 2022/10/01 12:0 a.m., 2 views

08cms (=1.0.0), 1pif-to-keepass (=0.1.0) +6782 more potentially affected by CVE-2022-21222 via css-what (>=1.0.0 <=2.1.0)

css-what NPM version =1.0.0, =0.0.1, =0.1.0, =0.0.1, =0.0.0, =1.0.0, =1.0.1, =0.0.1, =2.0.0, =2.2.0 - @battlemidget/generator-nm =1.4.1 - @benzed/dev =0.9.0 and more Source cves: CVE-2022-21222 Source advisory: OSV:GHSA-P28H-CC7Q-C4FG...

7.5 CVSS, 7.1 AI score, 0.00272 EPSS
Exploits 1

RedhatCVE
added 2022/09/30 6:18 p.m., 45 views

CVE-2022-21222

A vulnerability was found in the css-what package. The flaw allows Regular Expression Denial of Service (ReDoS) attacks, affecting system availability...

7.5 CVSS, 5 AI score, 0.00272 EPSS
Exploits 1, References 3

OSV
added 2022/09/30 5:15 a.m., 16 views

CVE-2022-21222

The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function...

7.5 CVSS, 7.8 AI score
Exploits 0, References 3

OSV
added 2022/09/30 5:15 a.m., 0 views

DEBIAN-CVE-2022-21222

The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function...

7.5 CVSS, 7.3 AI score, 0.00272 EPSS
Exploits 1, References 1

OSV
added 2022/09/30 5:15 a.m., 0 views

UBUNTU-CVE-2022-21222

The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function...

7.5 CVSS, 5.8 AI score, 0.00272 EPSS
Exploits 1, References 5

Cvelist
added 2022/09/30 5:5 a.m., 19 views

CVE-2022-21222 Regular Expression Denial of Service (ReDoS)

The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function...

5.3 CVSS, 7.5 AI score, 0.00272 EPSS
Exploits 1, References 3

Debian CVE
added 2022/09/30 5:5 a.m., 28 views

CVE-2022-21222

The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function...

7.5 CVSS, 7.4 AI score, 0.00272 EPSS
Exploits 1

CVE
added 2022/09/30 5:5 a.m., 149 views

CVE-2022-21222

CVE-2022-21222 affects the Node.js package css-what prior to version 2.1.3. The vulnerability stems from an insecure regular expression in the re_attr variable of index.js, enabling Regular Expression Denial of Service (ReDoS) via the parse function. Affected users should upgrade to 2.1.3 or newe...

7.5 CVSS, 6 AI score, 0.00272 EPSS
Exploits 1, References 3, Affected Software 1