2 matches found
@daedalus/angular-handsontable (>=1.0.1 <=1.0.5), @hpcc-js/handson (>=0.0.1 <=0.0.44) +53 more potentially affected by CVE-2021-23446 via handsontable (>=0.25.1 <=0.38.1)
handsontable NPM version =0.25.1, =1.0.1, =0.0.1, =1.0.2, =0.1.0, =0.1.0, =1.0.0-beta1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.11, =1.1.12 and more Source cves: CVE-2021-23446 Source advisory: OSV:GHSA-HF66-R44G-P7J9...
CVE-2021-23446 Regular Expression Denial of Service (ReDoS)
The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service ReDoS in Handsontable.helper.isNumeric function...