10 matches found
Malicious code in tiny-naturalsort (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ecbb6057e556f6985eb20768788e9f7dcf6146b3fdbe703653ce0d52c2a4a31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview tiny-naturalsort is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-5030 Malicious code in tiny-naturalsort (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ecbb6057e556f6985eb20768788e9f7dcf6146b3fdbe703653ce0d52c2a4a31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2023-0519
Malicious code in bioql PyPI...
GHSA-PFRM-4RJW-G9Q5 string-kit Inefficient Regular Expression Complexity vulnerability
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...
string-kit Inefficient Regular Expression Complexity vulnerability
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...
CVE-2021-4299
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...
Design/Logic Flaw
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...
PT-2023-12403 · Unknown · Cronvel String-Kit
Name of the Vulnerable Software and Affected Versions: cronvel string-kit versions up to 0.12.7 Description: A problematic issue was found in the naturalSort function of the lib/naturalSort.js file, leading to inefficient regular expression complexity. The attack can be initiated remotely...
Inefficient Regular Expression Complexity in cronvel/string-kit
✍️ Description A ReDoS regular expression denial of service flaw was found in the string-kit package. An attacker that is able to provide crafted input to the naturalSort function may cause an application to consume an excessive amount of CPU. 🕵️♂️ Proof of Concept Create the following PoC file:...