Lucene search
K

53 matches found

NVD
NVD
added 2 days ago5 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS0.00488EPSS
Exploits0References2
NVD
NVD
added 2 days ago5 views

CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS0.00609EPSS
Exploits0References3
NVD
NVD
added 2 days ago7 views

CVE-2026-13593

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace...

6.5CVSS0.00238EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS5.9AI score0.00609EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References3
CVE
CVE
added 2 days ago5 views

CVE-2026-56018

CVE-2026-56018 concerns JavaScript::Minifier::XS for Perl with memory leak in versions before 0.16. The root cause is that, in JsMinify (XS.xs), cleanup frees only NodeSet structures but not per-token contents buffers, and JsDiscardNode unlinks nodes without freeing their contents. As a result, e...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
CVE
CVE
added 2 days ago5 views

CVE-2026-56017

JavaScript::Minifier::XS (Perl) is affected in versions before 0.16. The vulnerability arises when the first meaningful token is a slash; the JsTokenizeString logic examines the previous token and, with no valid preceding token, dereferences a NULL pointer, causing a crash. The public minify() AP...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago5 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.8AI score0.00488EPSS
Exploits0
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-13593

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace...

6.5CVSS5.8AI score0.00238EPSS
Exploits0
CVE
CVE
added 2 days ago7 views

CVE-2026-13593

CVE-2026-13593 affects CSS::Minifier::XS before 0.14 for Perl. The vulnerability is a memory leak in the minify function when processing a document containing only characters to be removed (e.g., comments/whitespace). Impact is a leak during minification of such input; no exploitation details or ...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-53733

Name of the Vulnerable Software and Affected Versions JavaScript::Minifier::XS versions prior to 0.16 Description An issue exists where memory is leaked during every call to the minify function. In the XS.xs component, the cleanup process only frees NodeSet structures and fails to free per-token...

7.5CVSS5.8AI score0.00609EPSS
Exploits0References5
OSV
OSV
added 2026/06/04 7:49 p.m.10 views

ROOT-APP-NPM-CVE-2022-37620 CVE-2022-37620 in @rootio/html-minifier - Patched by Root

Root has patched CVE-2022-37620 in the @rootio/html-minifier package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.01092EPSS
Exploits0
Fedora
Fedora
added 2025/12/30 1:14 a.m.9 views

[SECURITY] Fedora 42 Update: golang-github-evanw-esbuild-0.24.2-4.fc42

This is a JavaScript bundler and minifier. It packages up JavaScript and TypeScript code for distribution on the web...

7.5CVSS7.2AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2025/12/30 12:38 a.m.6 views

[SECURITY] Fedora 43 Update: golang-github-evanw-esbuild-0.24.2-6.fc43

This is a JavaScript bundler and minifier. It packages up JavaScript and TypeScript code for distribution on the web...

7.5CVSS7.2AI score0.00626EPSS
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178281

Malicious code in jekyll-deneb-uglify-js-paleobotany npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7144

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01092EPSS
Exploits0References6
NVD
NVD
added 2025/09/11 8:15 a.m.5 views

CVE-2025-9073

The All in one Minifier plugin for WordPress is vulnerable to SQL Injection via the 'postid' parameter in all versions up to, and including, 3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS0.004EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/11 7:24 a.m.10 views

CVE-2025-9073 All in one Minifier <= 3.2 - Unauthenticated SQL Injection

The All in one Minifier plugin for WordPress is vulnerable to SQL Injection via the 'postid' parameter in all versions up to, and including, 3.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS0.004EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/09/11 2:26 a.m.6 views

WordPress All in one Minifier plugin <= 3.2 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by p0cket in WordPress Plugin All in one Minifier versions = 3.2...

7.5CVSS7.8AI score0.004EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder