6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-43646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regul...
chai (=4.0.0-canary.1), chai-project (=1.0.0) +2 more potentially affected by CVE-2023-43646 via get-func-name (>=1.0.0 <=2.0.0)
get-func-name NPM version =1.0.0, =1.0.1, =1.0.0, =1.0.4 Source cves: CVE-2023-43646 Source advisory: OSV:GHSA-4Q6P-R6V2-JVC5...
CVE-2023-43646 vulnerabilities
Vulnerabilities for packages: vitess...
CVE-2023-43646 Inefficient Regular Expression Complexity in get-func-name
get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service redos vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...
CVE-2023-43646
get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service redos vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...
CVE-2023-43646
CVE-2023-43646 affects the get-func-name module (NodeJS and browser) where versions before 2.0.1 are vulnerable to a Regular Expression Denial of Service (ReDoS) caused by imbalance in parentheses that triggers catastrophic backtracking and high CPU usage on malicious input (e.g., a tab-heavy str...