15 matches found
EUVD-2021-0605
Malware in sbrugna...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23346 DESCRIPTION: Node.js html-parse-stringify and html-parse-stringify2 modules are vulnerable to a denial of service, caused by a regular expression denial of service ReDoS. By sending...
Security Bulletin: Multiple vulnerabilities in software used in node.js affect Cloud Pak System
Summary Multiple vulnerabilities found in follow-redirect, html-parse-stringify2, nth-check, pycrypto affect Cloud Pak System. IBM Cloud Pak System has addressed those vulnerabilities. Vulnerability Details CVEID:CVE-2021-23346 DESCRIPTION: Node.js html-parse-stringify and html-parse-stringify2...
@amoy/query-components (>=1.0.0 <=1.0.8), @cortezaproject/corteza-ext-renderer (>=2020.3.0 <=2020.12.0) +46 more potentially affected by CVE-2021-23346 via html-parse-stringify (>=1.0.1 <=1.0.3)
html-parse-stringify NPM version =1.0.1, =1.0.0, =2020.3.0, =2020.3.0-rc.8, =0.3.0, =4.0.0, =2.0.7, =4.0.22, =3.0.4, =14.10.3, =1.0.0, =1.0.0, =6.9.17, =1.0.0, =3.0.0-rc.2 and more Source cves: CVE-2021-23346 Source advisory: OSV:GHSA-545Q-3FG6-48M7...
GHSA-545Q-3FG6-48M7 html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS)
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS)
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
CVE-2021-23346
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
CVE-2021-23346
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
CVE-2021-23346 Regular Expression Denial of Service (ReDoS)
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
CVE-2021-23346
CVE-2021-23346 affects Node.js packages html-parse-stringify and html-parse-stringify2. The vulnerability is a Regular Expression DoS (ReDoS) due to backtracking in parsing regex, which can cause the process to freeze and lead to a denial of service. IBM IBM Cloud Pak for Security CP4S versions 1...
CVE-2021-23346
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
html-parse-stringify 安全漏洞
Henrik Joreteg html-parse-stringify is an open source application by Henrik Joreteg. It provides a way to quickly parse HTML into an AST and stringify it to a raw string. A security vulnerability exists in html-parse-stringify before 2.0.1, which stems from the fact that sending certain inputs ma...
Regular Expression Denial of Service (ReDoS)
Overview html-parse-stringify is a https://github.com/henrikjoreteg/html-parse-stringify Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing...
4talent-questions-shortlist (=1.3.3), @42.nl/ui (>=1.0.7 <=1.0.9) +624 more potentially affected by CVE-2021-23346 via html-parse-stringify2 (=2.0.1)
html-parse-stringify2 NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on html-parse-stringify2 and may be impacted: - 4talent-questions-shortlist =1.3.3 - @42.nl/ui =1.0.7, =5.0.1, =0.1.0, =1.0.0, =0.2.0-alpha.1, =0.1.2, =0.9.9, =0.9.9,...
Regular Expression Denial of Service (ReDoS)
Overview html-parse-stringify2 is a This is a fork of html-parse-stringify Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...