8 matches found
ROOT-APP-NPM-CVE-2021-43307 CVE-2021-43307 in @rootio/semver-regex - Patched by Root
Root has patched CVE-2021-43307 in the @rootio/semver-regex package for Root:npm. Multiple fixed versions available...
Security Bulletin: Carbon design system packages
Summary Various packages are vulnerable to multiples CVEs and can be resolved by updating to [email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected]....
CVE-2021-43307 vulnerabilities
Vulnerabilities for packages: py3-captum, pgadmin4...
08cms (=1.0.0), 1-test-gulp-1 (>=0.0.1 <=0.0.4) +6854 more potentially affected by CVE-2021-43307 via semver-regex (>=0.1.1 <=3.1.3)
semver-regex NPM version =0.1.1, =0.0.1, =1.0.0, =3.1.4, =1.0.3, =1.0.0, =3.1.6, =0.0.1, =1.0.0, =1.0.0, =1.1.2 - 3vot-clay =2.0.1 - 433bf =0.0.1 and more Source cves: CVE-2021-43307 Source advisory: OSV:GHSA-4X5V-GMQ8-25CH...
CVE-2021-43307
An exponential ReDoS Regular Expression Denial of Service can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
CVE-2021-43307
An exponential ReDoS Regular Expression Denial of Service can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
CVE-2021-43307
CVE-2021-43307 is a Denial of Service vulnerability in the semver-regex npm package that can be triggered by arbitrary input to the test() method, causing an exponential ReDoS. Public sources (CNVD-2022-76985) indicate DoS affects semver-regex versions prior to 3.1.4 and 4.0.0–4.0.2; patch versio...
CVE-2021-43307 Exponential ReDoS in semver-regex
An exponential ReDoS Regular Expression Denial of Service can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...