Lucene search
+L

45 matches found

osv
osv
added 2022/09/16 12:0 a.m.7 views

GHSA-8F8G-9J73-7P82 steal vulnerable to Prototype Pollution via optionName variable

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js...

9.8CVSS5.9AI score0.0124EPSS
Exploits0References5
github
github
added 2022/09/16 12:0 a.m.23 views

steal vulnerable to Prototype Pollution via optionName variable

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js...

9.8CVSS8.9AI score0.0124EPSS
Exploits0References5Affected Software1
github
github
added 2022/09/16 12:0 a.m.39 views

steal vulnerable to Regular Expression Denial of Service via input variable

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal via the input variable in main.js...

7.5CVSS7.2AI score0.01055EPSS
Exploits0References5Affected Software1
nvd
nvd
added 2022/09/15 7:15 p.m.34 views

CVE-2022-37260

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the input variable in main.js...

7.5CVSS0.01055EPSS
Exploits0References3
attackerkb
attackerkb
added 2022/09/15 7:15 p.m.5 views

CVE-2022-37260

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the input variable in main.js...

7.5CVSS7AI score0.01055EPSS
Exploits0References4
prion
prion
added 2022/09/15 7:15 p.m.15 views

Input validation

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the input variable in main.js...

5CVSS7.5AI score0.01055EPSS
Exploits0References3Affected Software1
osv
osv
added 2022/09/15 6:18 p.m.16 views

CVE-2022-37260

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the input variable in main.js...

7.5CVSS7.5AI score0.01055EPSS
Exploits0References5
cvelist
cvelist
added 2022/09/15 6:18 p.m.38 views

CVE-2022-37260

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the input variable in main.js...

7.7AI score0.01055EPSS
Exploits0References3
cve
cve
added 2022/09/15 6:18 p.m.49 views

CVE-2022-37260

CVE-2022-37260 describes a Regular Expression Denial of Service (ReDoS) in the StealJS module loader, specifically in steal 2.2.4 via the input variable in main.js. The CVSS 3.1 base score is 7.5 (HIGH), with attack vector NETWORK, attack complexity LOW, and no privileges or user interaction requ...

7.5CVSS7.4AI score0.01055EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2022/09/15 4:15 p.m.18 views

CVE-2022-37264

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js...

9.8CVSS0.0124EPSS
Exploits0References3
attackerkb
attackerkb
added 2022/09/15 4:15 p.m.5 views

CVE-2022-37262

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js...

7.5CVSS5.7AI score0.0112EPSS
Exploits0References4
prion
prion
added 2022/09/15 4:15 p.m.14 views

Denial of service

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js...

5CVSS7.5AI score0.0112EPSS
Exploits0References3Affected Software1
prion
prion
added 2022/09/15 4:15 p.m.12 views

Code injection

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js...

7.5CVSS9.4AI score0.0124EPSS
Exploits0References3Affected Software1
osv
osv
added 2022/09/15 3:44 p.m.13 views

CVE-2022-37264

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js...

9.8CVSS9.4AI score0.0124EPSS
Exploits0References5
cvelist
cvelist
added 2022/09/15 3:44 p.m.24 views

CVE-2022-37264

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js...

9.7AI score0.0124EPSS
Exploits0References3
osv
osv
added 2022/09/15 3:37 p.m.16 views

CVE-2022-37262

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js...

7.5CVSS7.5AI score0.0112EPSS
Exploits0References5
cvelist
cvelist
added 2022/09/15 3:37 p.m.31 views

CVE-2022-37262

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js...

7.7AI score0.0112EPSS
Exploits0References3
cnnvd
cnnvd
added 2022/09/15 12:0 a.m.6 views

steal 安全漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which originates from a StealJS Regular Expression Denial of Service ReDoS via the optionName variabl...

9.8CVSS8.3AI score0.0124EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2022/09/15 12:0 a.m.4 views

PT-2022-23904 · Stealjs · Stealjs

Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4 Description: The issue is related to a prototype pollution vulnerability. It affects stealjs steal via the optionName variable in main.js. Recommendations: For stealjs steal version 2.2.4, consider restricting acce...

9.8CVSS9.2AI score0.0124EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2022/09/15 12:0 a.m.6 views

PT-2022-23902 · Stealjs · Stealjs

Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4 Description: A Regular Expression Denial of Service ReDoS flaw was found in the input variable in main.js. This issue can cause a denial of service. Recommendations: For version 2.2.4, consider restricting the inpu...

7.5CVSS7.3AI score0.01055EPSS
Exploits0References7
Rows per page
Query Builder