Lucene search
K

12 matches found

F5 Networks
F5 Networks
added 2024/07/02 6:2 a.m.38 views

K000140225: Codemirror vulnerability CVE-2020-7760

Security Advisory Description This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in...

7.5CVSS6.4AI score0.05197EPSS
Exploits1
Node.js
Node.js
added 2021/05/10 6:48 p.m.60 views

Regular expression denial of Service

Overview codemirror before 5.58.2 is vulnerable to a regular expression denial of service. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex...

5CVSS3.1AI score0.05197EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/10 6:46 p.m.5 views

0.8.18-p11 (=0.8.18-p12), 0hub (=1.0.0-beta.2) +1457 more potentially affected by CVE-2020-7760 via codemirror (>=2.33.0 <=5.58.1)

codemirror NPM version =2.33.0, =4.13.7-rc4, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.19.1-rc.2, =0.19.1-rc.3, =0.1.1, =0.0.1, =0.1.0, =0.1.0, =1.0.2 and more Source cves: CVE-2020-7760 Source advisory: OSV:GHSA-4GW3-8F77-F72C...

7.5CVSS6.7AI score0.05197EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/27 3:40 a.m.37 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js. Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker...

8.1CVSS0.8AI score0.54164EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/23 10:20 a.m.27 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus (CVE-2020-7760)

Summary IBM Integration Bus ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-7760 DESCRIPTION: Node.js codemirror module is vulnerable to a denial of service, caused by a regular...

7.5CVSS1AI score0.05197EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/19 4:54 a.m.33 views

Security Bulletin: A security vulnerability in Node.js codemirror module affects IBM Cloud Pak for Multicloud Management.

Summary A security vulnerability in Node.js codemirror module affects IBM Cloud Pak for Multicloud Management. Vulnerability Details CVEID: CVE-2020-7760 DESCRIPTION: Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By...

7.5CVSS1.3AI score0.05197EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/11/13 12:0 a.m.34 views

Debian DSA-4789-1 : codemirror-js - security update

It was discovered that codemirror, a browser-based text editor implemented in JavaScript, was vulnerable to regular expression denial-of-service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4789. The text...

7.5CVSS6.6AI score0.05197EPSS
Exploits1References3
Debian
Debian
added 2020/11/12 9:7 a.m.32 views

[SECURITY] [DSA 4789-1] codemirror-js security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4789-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 12, 2020 https://www.debian.org/security/faq -...

5CVSS0.2AI score0.05197EPSS
Exploits1
Debian
Debian
added 2020/11/12 9:7 a.m.51 views

[SECURITY] [DSA 4789-1] codemirror-js security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4789-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 12, 2020 https://www.debian.org/security/faq -...

7.5CVSS6.3AI score0.05197EPSS
Exploits1
Cvelist
Cvelist
added 2020/10/30 11:10 a.m.24 views

CVE-2020-7760 Regular Expression Denial of Service (ReDoS)

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS...

5.3CVSS6.1AI score0.05197EPSS
Exploits1References12
CVE
CVE
added 2020/10/30 11:10 a.m.197 views

CVE-2020-7760

This CVE-2020-7760 affects CodeMirror prior to 5.58.2 (and org.apache.marmotta.webjars:codemirror) with a ReDOs vulnerability in a JavaScript mode regex (sub-pattern (s|/. ?/) ). IBM’s bulletin confirms the same issue and notes watsonx.data is affected (version 2.2.1) and that remediation is to u...

7.5CVSS6.1AI score0.05197EPSS
Exploits1References12Affected Software1
vulnersOsv
vulnersOsv
added 2020/10/09 3:16 p.m.4 views

0.8.18-p11 (=0.8.18-p12), 0hub (=1.0.0-beta.2) +1390 more potentially affected by CVE-2020-7760 via codemirror (>=5.0.0 <=5.58.1)

codemirror NPM version =5.0.0, =4.13.7-rc4, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.19.1-rc.2, =0.19.1-rc.3, =0.1.1, =0.0.1, =0.1.0, =0.1.0, =1.0.2 and more Source cves: CVE-2020-7760 Source advisory: SNYK:JS-CODEMIRROR-1016937...

7.5CVSS6.7AI score0.05197EPSS
Exploits1
Rows per page
Query Builder