Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2021/12/10 7:2 p.m.5 views

02-infrastructure (=1.0.0), 02vue_toast_demo (>=1.0.0 <=1.0.4) +11734 more potentially affected by CVE-2021-29059 via is-svg (>=2.1.0 <=4.2.2)

is-svg NPM version =2.1.0, =1.0.0, =1.0.4, =5.0.0, =1.0.3, =0.0.1, =1.0.2, =2.0.0, =1.1.8, =1.0.0, =1.0.4 - 4design =0.0.1 and more Source cves: CVE-2021-29059 Source advisory: OSV:GHSA-R8J5-H5CX-65GG...

7.5CVSS7.1AI score0.02813EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2021/03/19 9:25 p.m.4 views

02-infrastructure (=1.0.0), 02vue_toast_demo (>=1.0.0 <=1.0.4) +11729 more potentially affected by CVE-2021-28092 via is-svg (>=2.1.0 <=4.2.1)

is-svg NPM version =2.1.0, =1.0.0, =1.0.4, =5.0.0, =1.0.3, =0.0.1, =1.0.2, =2.0.0, =1.1.8, =1.0.0, =1.0.4 - 4design =0.0.1 and more Source cves: CVE-2021-28092 Source advisory: OSV:GHSA-7R28-3M3F-R2PR...

7.5CVSS7.1AI score0.02168EPSS
Exploits0
OSV
OSV
added 2021/03/19 9:25 p.m.4 views

GHSA-7R28-3M3F-R2PR Regular Expression Denial of Service (ReDoS)

The is-svg package 2.1.0 through 4.2.1 for Node.js uses a regular expression that is vulnerable to Regular Expression Denial of Service ReDoS. If an attacker provides a malicious string, is-svg will get stuck processing the input...

7.5CVSS7.1AI score0.02168EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2021/03/17 5:53 p.m.7 views

02-infrastructure (=1.0.0), 02vue_toast_demo (>=1.0.0 <=1.0.4) +11734 more potentially affected by CVE-2021-28092 +1 more via is-svg (>=2.1.0 <=4.2.2)

is-svg NPM version =2.1.0, =1.0.0, =1.0.4, =5.0.0, =1.0.3, =0.0.1, =1.0.2, =2.0.0, =1.1.8, =1.0.0, =1.0.4 - 4design =0.0.1 and more Source cves: CVE-2021-28092, CVE-2021-29059 Source advisory: SNYK:JS-ISSVG-1243891...

7.5CVSS7.1AI score0.02813EPSS
Exploits1
Veracode
Veracode
added 2021/03/15 6:24 a.m.34 views

Regular Expression Denial Of Service (ReDoS)

is-svg is vulnerable to regular expression denial of service. An attacker is able to crash the application via a malicious SVG/XML document due to the usage of an insecure regular expression...

7.5CVSS3.6AI score0.02168EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder