6 matches found
Security Bulletin: IBM Security QRadar Analyst Workflow app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote attacker to execute...
4talent-questions-shortlist (=1.3.3), @42.nl/ui (>=1.0.7 <=1.0.9) +635 more potentially affected by CVE-2021-23346 via html-parse-stringify2 (>=1.2.1 <=2.0.1)
html-parse-stringify2 NPM version =1.2.1, =1.0.7, =5.0.1, =0.1.0, =1.0.0, =0.2.0-alpha.1, =0.1.2, =0.9.9, =0.9.9, =6.3.0, =3.6.0, =0.3.1, =0.1.0, =0.3.0 and more Source cves: CVE-2021-23346 Source advisory: OSV:GHSA-545Q-3FG6-48M7...
@amoy/query-components (>=1.0.0 <=1.0.8), @cortezaproject/corteza-ext-renderer (>=2020.3.0 <=2020.12.0) +46 more potentially affected by CVE-2021-23346 via html-parse-stringify (>=1.0.1 <=1.0.3)
html-parse-stringify NPM version =1.0.1, =1.0.0, =2020.3.0, =2020.3.0-rc.8, =0.3.0, =4.0.0, =2.0.7, =4.0.22, =3.0.4, =14.10.3, =1.0.0, =1.0.0, =6.9.17, =1.0.0, =3.0.0-rc.2 and more Source cves: CVE-2021-23346 Source advisory: OSV:GHSA-545Q-3FG6-48M7...
CVE-2021-23346
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
CVE-2021-23346
CVE-2021-23346 affects Node.js packages html-parse-stringify and html-parse-stringify2. The vulnerability is a Regular Expression DoS (ReDoS) due to backtracking in parsing regex, which can cause the process to freeze and lead to a denial of service. IBM IBM Cloud Pak for Security CP4S versions 1...
CVE-2021-23346 Regular Expression Denial of Service (ReDoS)
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...