22 matches found
Malicious Package
Overview @captivateiq/handsontable-ciq is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
EUVD-2021-2071
Malware in sbrugna...
MAL-2024-10311 Malicious code in @captivateiq/handsontable-ciq (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ff5087a0a343a66ce310683b4fd7d9e169476f92ada3408d8dcc63fa1da6645a The OpenSSF Package Analysis project identified '@captivateiq/handsontable-ciq' @ 152.1.5 npm as malicious. It is considered malicious because: ...
Malicious code in @captivateiq/handsontable-ciq (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ff5087a0a343a66ce310683b4fd7d9e169476f92ada3408d8dcc63fa1da6645a The OpenSSF Package Analysis project identified '@captivateiq/handsontable-ciq' @ 152.1.5 npm as malicious. It is considered malicious because: ...
Malicious Package
Overview handsontable-examples is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious code in handsontable-examples (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b13becaf408b798f3fe3a45b3f4a3ecd67fe94558f3eeccf71d430337eff600f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3557 Malicious code in handsontable-examples (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b13becaf408b798f3fe3a45b3f4a3ecd67fe94558f3eeccf71d430337eff600f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Inefficient Regular Expression Complexity in handsontable
The package handsontable from 0 and before 10.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function...
@daedalus/angular-handsontable (>=1.0.1 <=1.0.5), @hpcc-js/handson (>=0.0.1 <=0.0.44) +53 more potentially affected by CVE-2021-23446 via handsontable (>=0.25.1 <=0.38.1)
handsontable NPM version =0.25.1, =1.0.1, =0.0.1, =1.0.2, =0.1.0, =0.1.0, =1.0.0-beta1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.11, =1.1.12 and more Source cves: CVE-2021-23446 Source advisory: OSV:GHSA-HF66-R44G-P7J9...
GHSA-HF66-R44G-P7J9 Inefficient Regular Expression Complexity in handsontable
The package handsontable from 0 and before 10.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function...
Regular Expression Denial Of Service (ReDoS)
handsontable is vulnerable to regular expression denial of service. An attacker is able to exploit the vulnerability to crash the system by sending an empty string to the Handsontable.helper.isNumeric function...
CVE-2021-23446
The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function...
Design/Logic Flaw
The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function...
CVE-2021-23446
CVE-2021-23446 affects Handsontable (a JavaScript data grid) where the vulnerability is a Regular Expression Denial of Service (ReDoS) in the function Handsontable.helper.isNumeric. Affected versions are Handsontable
CVE-2021-23446 Regular Expression Denial of Service (ReDoS)
The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function...
handsontable security vulnerability
Handsontable is a JavaScript data grid component for web applications from the Polish Handsoncode team. A security vulnerability exists in handsontable that arises from improper design or implementation during code development of a web system or product...
PT-2021-15530 · Unknown · Handsontable
Name of the Vulnerable Software and Affected Versions: handsontable versions 0 through 10.0.0, excluding 10.0.0. Description: The issue concerns a Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function. This affects the handsontable package, making it vulnerable to...
Regular Expression Denial of Service (ReDoS)
Overview Handsontable is a data grid component with an Excel-like appearance. Built in JavaScript, it integrates with any data source and comes with features like data validation, sorting, grouping, data binding or column ordering. Affected versions of this package are vulnerable to Regular...
@daedalus/angular-handsontable (>=1.0.1 <=1.0.5), @hpcc-js/handson (>=0.0.1 <=0.0.44) +53 more potentially affected by CVE-2021-23446 via handsontable (>=0.25.1 <=0.38.1)
handsontable NPM version =0.25.1, =1.0.1, =0.0.1, =1.0.2, =0.1.0, =0.1.0, =1.0.0-beta1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.11, =1.1.12 and more Source cves: CVE-2021-23446 Source advisory: SNYK:JS-HANDSONTABLE-1726770...
Regular Expression Denial of Service (ReDoS)
Overview handsontable is a JavaScript Spreadsheet Component available for React, Angular and Vue. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the Handsontable.helper.isNumeric function. Details Denial of Service (DoS) describes a family of attacks,...