MiracleLinux 7 : rh-nodejs12-nodejs-nodemon-2.0.3-5.el7, rh-nodejs12-nodejs-12.22.5-1.el7 (AXSA:2021-2386:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2386:03 advisory. nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...

MiracleLinux 7 : rh-nodejs14-nodejs-nodemon-2.0.3-5.el7, rh-nodejs14-nodejs-14.17.5-1.el7 (AXSA:2021-2387:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2387:02 advisory. nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...

EUVD-2021-1748

Malware in sbrugna...

RHEL 8 : nodejs-path-parse (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe CVE-2021-23343 Note that Nessus has not...

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23343 DESCRIPTION: path-parse is vulnerable to a denial of service. By sending a specially-crafted request via splitDeviceRe, splitTailRe, and splitPathRe regular expressions, a remote...

SUSE CVE-2021-23343

All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

Rocky Linux 8 : nodejs:14 (RLSA-2021:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3666 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

RHEL 7 : rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon (RHSA-2021:3281)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3281 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

Regular Expression Denial of Service in path-parse

Overview Affected versions of path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity. Recommendation Upgrade to version 1.0.7 or later References - CVE - GitH...

GHSA-HJ48-42VR-X3V9 Regular Expression Denial of Service in path-parse

Affected versions of npm package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

960.css (=1.0.0), @4site/engrid-styles (>=0.2.19 <=0.2.24) +124 more potentially affected by CVE-2021-23343 via path-parse (>=1.0.5 <=1.0.6)

path-parse NPM version =1.0.5, =0.2.19, =0.1.1, =7.0.0, =0.2.0, =0.17.0, =0.17.0, =0.19.0, =0.17.0, =0.23.0, =0.17.0, =0.17.0, =0.17.1 - @choerodon/issue =0.17.0 and more Source cves: CVE-2021-23343 Source advisory: OSV:GHSA-HJ48-42VR-X3V9...

Regular Expression Denial of Service in path-parse

Affected versions of npm package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) security update [ovirt-4.4.7]

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...