75 matches found
Regular Expression Denial Of Service (ReDoS)
loader-utils is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the resourcePath variable in interpolateName.js, allowing an attacker to crash the application by providing a malicious input...
CVE-2022-37601
Prototype pollution in webpack loader-utils: parseQuery.js via the name variable affects all versions prior to 1.4.1 and 2.0.3. CVSS v3.1 base score 9.8 (CRITICAL) with high impact on confidentiality, integrity, and availability. Remediation: upgrade loader-utils to 1.4.1+ or 2.0.3+ (patched vers...
CVE-2022-37601
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...
CVE-2022-37601
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...
PT-2022-24022 · Webpack +2 · Loader-Utils +2
Name of the Vulnerable Software and Affected Versions: loader-utils versions prior to 1.4.1 loader-utils versions prior to 2.0.3 Description: The issue is related to a prototype pollution vulnerability in the parseQuery function within parseQuery.js in webpack loader-utils. This vulnerability is...
CVE-2022-37601
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...
CVE-2022-37599
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...
DEBIAN-CVE-2022-37599
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...
CVE-2022-37599
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...
CVE-2022-37599
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...
Denial of service
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...
PT-2022-24021 · Webpack +1 · Loader-Utils +1
Name of the Vulnerable Software and Affected Versions: webpack loader-utils version 2.0.0 Description: A Regular expression denial of service ReDoS flaw was found in the interpolateName function in interpolateName.js via the resourcePath variable. This issue could be exploited by sending crafted...
CVE-2022-37599
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...
CVE-2022-37599
CVE-2022-37599: A ReDoS in Function interpolateName (interpolateName.js) in webpack loader-utils 2.0.0 is triggered via the resourcePath variable in interpolateName.js. The Nessus/Confluence entry explicitly ties this CVE to affected Confluence deployments using webpack loader-utils, describing a...
Malicious Package
Overview test-loader-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...