CVE-2026-44245 Kyverno: [policy-reporter-ui] XSS via Stored Property Values in PropertyCard Component
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 2.5.2, Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses...
CVE-2026-44232
DSSRF is a Node.js library that provides a wide range of utilities and advanced SSRF defense checks. Prior to 1.3.0, every IPv6 category bypasses is_url_safe. This vulnerability is fixed in 1.3.0...
NPM: dssrf: every IPv6 category bypasses is_url_safe
NPM: dssrf: every IPv6 category bypasses isurlsafe vulnerability discovered by ? in WordPress Npm dssrf versions 1.3.0...
EUVD-2023-0757
Malicious code in bioql PyPI...
CVE-2018-25079
A flaw was found in the is-url package. The manipulation leads to inefficient regular expression complexity...
@chenng/recognition (=1.0.0), @evelaguti/uberocr (>=0.0.1 <=0.0.3) +71 more potentially affected by CVE-2018-25079 via is-url (>=0.1.0 <=1.2.2)
is-url NPM version =0.1.0, =0.0.1, =1.0.1, =0.4.0, =0.1.1, =0.1.0, =0.0.4, =0.0.1, =1.0.5, =0.4.0, =0.4.0, =0.1.0, =0.1.4 and more Source cves: CVE-2018-25079 Source advisory: OSV:GHSA-P9W8-2MPQ-49H9...
is-url Inefficient Regular Expression Complexity vulnerability
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is an unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version 1.2....
GHSA-P9W8-2MPQ-49H9 is-url Inefficient Regular Expression Complexity vulnerability
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is an unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version 1.2....
CVE-2018-25079
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
CVE-2018-25079
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
Information disclosure
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
CVE-2018-25079 Segmentio is-url index.js redos
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
CVE-2018-25079
The CVE-2018-25079 entry concerns Segmentio is-url up to version 1.2.2. The issue is in an unknown function within index.js that causes inefficient regular expression complexity (redos). Impact is remote exploitation with potential denial of service risk (high availability impact) as per the CVSS...
is-url security vulnerability
is-url is a library for detecting whether a string is a URL. A security vulnerability exists in Segmentio is-url versions prior to 1.2.3, which stems from a problem with an unknown function in the file index.js that causes inefficient regular expression complexity...
PT-2023-10820 · Segmentio · Is-Url
Name of the Vulnerable Software and Affected Versions: Segmentio is-url versions up to 1.2.2 Description: A vulnerability was found in the file index.js, leading to inefficient regular expression complexity. The attack may be launched remotely. Recommendations: For versions up to 1.2.2, upgrade t...
Regular Expression Denial Of Service (ReDoS)
is-url is vulnerable to regular expression denial of service (ReDoS). An attacker is able to create a denial of service condition on the server via a specially crafted URL...