Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2023-43646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regul...

8.6CVSS6.6AI score0.01114EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2023/09/27 8:16 p.m.3 views

chai (=4.0.0-canary.1), chai-project (=1.0.0) +2 more potentially affected by CVE-2023-43646 via get-func-name (>=1.0.0 <=2.0.0)

get-func-name NPM version =1.0.0, =1.0.1, =1.0.0, =1.0.4 Source cves: CVE-2023-43646 Source advisory: OSV:GHSA-4Q6P-R6V2-JVC5...

8.6CVSS6.7AI score0.01114EPSS
Exploits1
Chainguard
Chainguard
added 2023/09/27 3:19 p.m.31 views

CVE-2023-43646 vulnerabilities

Vulnerabilities for packages: vitess...

8.6CVSS6.9AI score0.01114EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/09/26 6:19 p.m.14 views

CVE-2023-43646 Inefficient Regular Expression Complexity in get-func-name

get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service redos vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...

8.6CVSS6.6AI score0.01114EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/09/26 6:19 p.m.36 views

CVE-2023-43646

get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service redos vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...

8.6CVSS6.3AI score0.01114EPSS
Exploits1
CVE
CVE
added 2023/09/26 6:19 p.m.298 views

CVE-2023-43646

CVE-2023-43646 affects the get-func-name module (NodeJS and browser) where versions before 2.0.1 are vulnerable to a Regular Expression Denial of Service (ReDoS) caused by imbalance in parentheses that triggers catastrophic backtracking and high CPU usage on malicious input (e.g., a tab-heavy str...

8.6CVSS7.7AI score0.01114EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder