3 matches found
CVE-2021-34801
Valine 1.4.14 allows remote attackers to cause a denial of service application outage by supplying a ua aka User-Agent value that only specifies the product and version...
@gitldy1013/vuepress-theme-ldy (>=1.1.2 <=1.1.3), @next-theme/plugins (>=0.0.2 <=8.1.0) +17 more potentially affected by CVE-2021-34801 via valine (>=1.3.10 <=1.4.14)
valine NPM version =1.3.10, =1.1.2, =0.0.2, =2.0.0-beta.0, =1.0.11, =0.0.1, =1.0.0, =1.0.0, =1.0.8-alpha.5, =1.1.2, =1.2.1, =1.0.1, =1.0.0, =3.0.0-beta.2, =3.0.0-beta.3 and more Source cves: CVE-2021-34801 Source advisory: OSV:GHSA-P2C4-GXP4-J3XP...
CVE-2021-34801
Valine 1.4.14 exposes a denial-of-service (application outage) when a remote attacker supplies a User-Agent value that only specifies the product and version. The description across multiple sources confirms the vulnerability is triggered via network input and impacts availability; no explicit ex...