4166 matches found
KLA12600 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Out of boun...
CVE-2022-2596
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
CVE-2022-2596
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
Design/Logic Flaw
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
CVE-2022-2596
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
UBUNTU-CVE-2022-2596
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
CVE-2022-2596 Inefficient Regular Expression Complexity in node-fetch/node-fetch
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
CVE-2022-2596
CVE-2022-2596 affects node-fetch/node-fetch prior to 3.2.10, where an inefficient regular expression can lead to denial of service. The root cause is a ReDoS in isOriginPotentiallyTrustworthy() within referrer.js. Public advisories (GitHub GHSA) confirm the vulnerability and indicate the fix is t...
CVE-2022-2596 Inefficient Regular Expression Complexity in node-fetch/node-fetch
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
CVE-2022-2596
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
node-fetch 资源管理错误漏洞
node-fetch is a lightweight module that brings the Fetch API to Node.js. A resource management error vulnerability exists in node-fetch/node-fetch, which stems from a denial of service in the GitHub repository node-fetch/node-fetch in versions prior to 3.2.10...
PT-2022-17618 · Unknown · Node-Fetch
Name of the Vulnerable Software and Affected Versions: node-fetch versions prior to 3.2.10 Description: The issue is related to Inefficient Regular Expression Complexity, which can lead to a Regular Expression Denial of Service ReDoS in the isOriginPotentiallyTrustworthy function. This occurs whe...
Oracle Linux 7 : qemu (ELSA-2022-9669)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9669 advisory. - display/qxl-render: fix race condition in qxlcursor CVE-2021-4207 Mauro Matteo Cascella Orabug: 34049511 CVE-2021-4207 - ui/cursor: fix integer...
CVE-2022-1139
Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2022-1139
Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
DEBIAN-CVE-2022-1139
Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2022-1139
Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
UBUNTU-CVE-2022-1139
Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2022-1139
CVE-2022-1139 refers to an inappropriate implementation in Chrome’s Background Fetch API that could allow a remote attacker to leak cross-origin data via a crafted HTML page. The issue is associated with Chrome/Chromium before version 100.0.4896.60 and was acknowledged in Google’s March 29, 2022 ...
CVE-2022-1139
Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...