Astra Linux - уязвимость в node-es5-ext

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...

Security Bulletin: Vulnerabilities in Eran Hammer cryptiles, PostCSS,Node.js,node-notifier,es5-ext ,MySQL Connectors,json-path and tough-cookie might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Eran Hammer cryptiles, PostCSS,Node.js,node-notifier,es5-ext ,MySQL Connectors,json-path and tough-cookier. Vulnerabilities include an attacker is able to brute force something that was supposed to be random, ...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in medikoo es5-ext

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of medikoo es5-ext. Vulnerability Details CVEID:CVE-2024-27088 DESCRIPTION: es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in es5-ext-0.10.53.tgz

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of es5-ext-0.10.53.tgz Vulnerability Details CVEID:CVE-2024-27088 DESCRIPTION: medikoo es5-ext is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By providing...

ROS-20240904-12

A vulnerability in the ECMAScript 5 extension of the es5-ext package is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 271 Vulnerability Details CVEID:CVE-2024-22259 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability i...

Security Bulletin: Vulnerabilities in medikoo es5-ext and Node.js packages might affect IBM Storage Defender – Resiliency Service (CVE-2024-27088 and CVE-2024-28849)

Summary IBM Storage Defender – Resiliency Service is vulnerable and that can result in denial of service. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2024-27088 DESCRIPTION: medikoo es5-ext is vulnerable to a denial of service, caused by a regular expression denial of...

Denial Of Service (DoS)

es5-ext is vulnerable to a Denial of Service DoS. The vulnerability is due to the handling of functions with very long names or complex default argument names in functioncopy or functiontoStringTokens, which may cause the script to stall. This potentially leads to Denial of Service DoS...

GHSA-4GMJ-3P3H-GM8H es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

Impact Passing functions with very long names or complex default argument names into functioncopy orfunctiontoStringTokens may put script to stall Patches Fixed with https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2 and...

es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

Impact Passing functions with very long names or complex default argument names into functioncopy orfunctiontoStringTokens may put script to stall Patches Fixed with https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2 and...

CVE-2024-27088

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...

UBUNTU-CVE-2024-27088

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...

CVE-2024-27088

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...

CVE-2024-27088 es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...

CVE-2024-27088

CVE-2024-27088 affects the es5-ext library, which provides ECMAScript 5 extensions. The issue arises when passing functions with very long names or complex default argument names into the library’s copy or toStringTokens routines, potentially causing the script to stall. The vulnerability is publ...

CVE-2024-27088 es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...

es5-ext Security Vulnerability

es5-ext is an ECMAScript extension from the individual developer Mariusz Nowak. A security vulnerability exists in es5-ext prior to v0.10.63, which stems from the use of functions with very long names or complex default parameter names that may cause the script to halt...