
10 matches found

OSSF Malicious Packages
added 2026/05/29 6:37 a.m. · 14 views

Malicious code in tiny-naturalsort (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ecbb6057e556f6985eb20768788e9f7dcf6146b3fdbe703653ce0d52c2a4a31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits 0 · References 1
Snyk
added 2026/05/29 6:37 a.m. · 12 views

Malicious Package

Overview tiny-naturalsort is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 2
OSV
added 2026/05/29 6:37 a.m. · 6 views

MAL-2026-5030 Malicious code in tiny-naturalsort (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ecbb6057e556f6985eb20768788e9f7dcf6146b3fdbe703653ce0d52c2a4a31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2023-0519

Malicious code in bioql PyPI...

7.5 CVSS · 5 AI score · 0.00927 EPSS
Exploits 0 · References 6
OSV
added 2023/01/02 9:31 a.m. · 15 views

GHSA-PFRM-4RJW-G9Q5 string-kit Inefficient Regular Expression Complexity vulnerability

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

7.5 CVSS · 7.5 AI score · 0.00927 EPSS
Exploits 0 · References 6
Github Security Blog
added 2023/01/02 9:31 a.m. · 31 views

string-kit Inefficient Regular Expression Complexity vulnerability

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

7.5 CVSS · 4.1 AI score · 0.00927 EPSS
Exploits 0 · References 6 · Affected Software 1
NVD
added 2023/01/02 8:15 a.m. · 18 views

CVE-2021-4299

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

7.5 CVSS · 5.3 AI score · 0.00927 EPSS
Exploits 0 · References 4
Prion
added 2023/01/02 8:15 a.m. · 14 views

Design/Logic Flaw

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

5 CVSS · 7.6 AI score · 0.00927 EPSS
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2023/01/02 12:0 a.m. · 7 views

PT-2023-12403 · Unknown · Cronvel String-Kit

Name of the Vulnerable Software and Affected Versions: cronvel string-kit versions up to 0.12.7 Description: A problematic issue was found in the naturalSort function of the lib/naturalSort.js file, leading to inefficient regular expression complexity. The attack can be initiated remotely...

7.5 CVSS · 5 AI score · 0.00927 EPSS
Exploits 0 · References 8
Huntr
added 2021/07/18 5:33 p.m. · 14 views

Inefficient Regular Expression Complexity in cronvel/string-kit

✍️ Description A ReDoS regular expression denial of service flaw was found in the string-kit package. An attacker that is able to provide crafted input to the naturalSort function may cause an application to consume an excessive amount of CPU. 🕵️‍♂️ Proof of Concept Create the following PoC file:...

1.2 AI score
Exploits 0