6 matches found
116zm_atm (=1.0.0), 11_mybank (=1.0.0) +607 more potentially affected by CVE-2021-23567 via faker (=6.6.6)
faker NPM version =6.6.6 is affected by a known vulnerability. The following packages have a transitive dependency on faker and may be impacted: - 116zmatm =1.0.0 - 11mybank =1.0.0 - @acceleratxr/react-shared =1.1.0, =0.1.0, =1.0.0, =1.2.1, =1.1.0, =1.3.0, =1.0.0, =1.1.0, =1.2.0, =1.1.0, =1.2.0,...
Removal of functional code in faker.js
Faker.js helps users create large amounts of data for testing and development. The maintainer deliberately removed the functional code from this package. This appears to be a purposeful and successful attempt to make the package unusable. This is related to the colors.js CVE-2021-23567. The...
GHSA-5W9C-RV96-FR7G Removal of functional code in faker.js
Faker.js helps users create large amounts of data for testing and development. The maintainer deliberately removed the functional code from this package. This appears to be a purposeful and successful attempt to make the package unusable. This is related to the colors.js CVE-2021-23567. The...
CVE-2021-23567 Denial of Service (DoS)
The package colors after 1.4.0 are vulnerable to Denial of Service DoS that was introduced through an infinite loop in the americanFlag module. Unfortunately this appears to have been a purposeful attempt by a maintainer of colors to make the package unusable, other maintainers' controls over thi...
CVE-2021-23567
The package colors after 1.4.0 are vulnerable to Denial of Service DoS that was introduced through an infinite loop in the americanFlag module. Unfortunately this appears to have been a purposeful attempt by a maintainer of colors to make the package unusable, other maintainers' controls over thi...
CVE-2021-23567
CVE-2021-23567 affects the colors.js package (colors) after version 1.4.0 due to an infinite loop in the americanFlag module, enabling a Denial of Service condition. Multiple sources (NVD, OSV, GHSA) describe the vulnerable code path and attribute it to a deliberate change by a maintainer. IBM bu...