12 matches found
K000140225: Codemirror vulnerability CVE-2020-7760
Security Advisory Description This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in...
Regular expression denial of Service
Overview codemirror before 5.58.2 is vulnerable to a regular expression denial of service. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex...
0.8.18-p11 (=0.8.18-p12), 0hub (=1.0.0-beta.2) +1457 more potentially affected by CVE-2020-7760 via codemirror (>=2.33.0 <=5.58.1)
codemirror NPM version =2.33.0, =4.13.7-rc4, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.19.1-rc.2, =0.19.1-rc.3, =0.1.1, =0.0.1, =0.1.0, =0.1.0, =1.0.2 and more Source cves: CVE-2020-7760 Source advisory: OSV:GHSA-4GW3-8F77-F72C...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js. Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker...
Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus (CVE-2020-7760)
Summary IBM Integration Bus ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-7760 DESCRIPTION: Node.js codemirror module is vulnerable to a denial of service, caused by a regular...
Security Bulletin: A security vulnerability in Node.js codemirror module affects IBM Cloud Pak for Multicloud Management.
Summary A security vulnerability in Node.js codemirror module affects IBM Cloud Pak for Multicloud Management. Vulnerability Details CVEID: CVE-2020-7760 DESCRIPTION: Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By...
Debian DSA-4789-1 : codemirror-js - security update
It was discovered that codemirror, a browser-based text editor implemented in JavaScript, was vulnerable to regular expression denial-of-service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4789. The text...
[SECURITY] [DSA 4789-1] codemirror-js security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4789-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 12, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4789-1] codemirror-js security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4789-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 12, 2020 https://www.debian.org/security/faq -...
CVE-2020-7760 Regular Expression Denial of Service (ReDoS)
This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS...
CVE-2020-7760
This CVE-2020-7760 affects CodeMirror prior to 5.58.2 (and org.apache.marmotta.webjars:codemirror) with a ReDOs vulnerability in a JavaScript mode regex (sub-pattern (s|/. ?/) ). IBM’s bulletin confirms the same issue and notes watsonx.data is affected (version 2.2.1) and that remediation is to u...
0.8.18-p11 (=0.8.18-p12), 0hub (=1.0.0-beta.2) +1390 more potentially affected by CVE-2020-7760 via codemirror (>=5.0.0 <=5.58.1)
codemirror NPM version =5.0.0, =4.13.7-rc4, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.19.1-rc.2, =0.19.1-rc.3, =0.1.1, =0.0.1, =0.1.0, =0.1.0, =1.0.2 and more Source cves: CVE-2020-7760 Source advisory: SNYK:JS-CODEMIRROR-1016937...