CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

72 matches found

Cvelist•added 2024/11/13 5:0 a.m.•21 views

CVE-2024-21540

...

Exploits0

CNNVD•added 2024/11/13 12:0 a.m.•2 views

编号撤回

npm Source Map Support is a library from npm USA. This CVE number has been withdrawn...

6.5AI score

Exploits0References3

OSV•added 2024/06/25 1:1 p.m.•5 views

MAL-2024-3034 Malicious code in source-map-sync-tool (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0

OSSF Malicious Packages•added 2024/06/25 1:1 p.m.•2 views

Malicious code in source-map-sync-tool (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

Tenable Nessus•added 2023/12/18 12:0 a.m.•10 views

JavaScript Source Map Detected

Developers often combine and minify their application JavaScript sources to help the server delivering it more efficiently to the client browsers. Sometimes, web applications JavaScript code may also be transpiled from another language like CoffeeScript of TypeScript. A source map is a file that...

7.4AI score

Exploits0

Snyk•added 2023/12/07 10:0 p.m.•2 views

Directory Traversal

Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Directory Traversal in the retrieveSourceMap function. Note: This issue is not a vulnerability because no real attack scenario can happen in the context of the package, where the developer...

8.7CVSS7.6AI score

Exploits0References2

OSV•added 2022/12/22 8:15 p.m.•2 views

CVE-2022-28283

The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox 99...

6.5CVSS7.3AI score0.00323EPSS

Exploits1References2

OSV•added 2022/08/19 3:55 a.m.•5 views

MAL-2022-6349 Malicious code in suorce-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0701cc6f6fa29d40dc09dd9424ce2419cb2621996a99965b425ffd32ca243985 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score

Exploits0References1

OSSF Malicious Packages•added 2022/08/19 3:55 a.m.•3 views

Malicious code in suorce-map (npm)

6.9AI score

Exploits0References1

BDU FSTEC•added 2022/07/26 12:0 a.m.•1 views

The vulnerability of the sourceMapURL function in the DevTools set of web development tools for the Firefox browser allows attackers to disclose sensitive information.

The vulnerability of the sourceMapURL function in the DevTools browser extension for web development is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

5.4CVSS6.7AI score0.00323EPSS

Exploits1References5Affected Software2

OSV•added 2022/04/07 9:5 p.m.•0 views

USN-5370-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary...

8.8CVSS7AI score0.15741EPSS

Exploits8References12

OSV•added 2022/04/07 12:0 a.m.•0 views

UBUNTU-CVE-2022-28283

6.5CVSS7.3AI score0.00323EPSS

Exploits1References4

CNNVD•added 2022/04/05 12:0 a.m.•0 views

Mozilla Firefox 安全特征问题漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a security feature issue that stems from a lack of security checks in the sourceMapURL feature of devtools. A remote attacker could use the vulnerability to trick a victim into performing...

6.5CVSS8.3AI score0.00323EPSS

Exploits1References7

Node.js•added 2021/05/10 3:38 p.m.•97 views

Regular Expression Denial of Service

Overview postcss from 7.0.0 and before version 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service ReDoS during source map parsing. Recommendation Upgrade to version 8.2.10 or later References - CVE - GitHub Advisory...

5CVSS4.9AI score0.01009EPSS

Exploits1Affected Software1

OSV•added 2021/05/10 3:29 p.m.•0 views

GHSA-HWJ9-H5MP-3PM3 Regular Expression Denial of Service in postcss

The npm package postcss from 7.0.0 and before versions 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

5.3CVSS7.1AI score0.01009EPSS

Exploits1References12

Github Security Blog•added 2021/05/10 3:29 p.m.•48 views

Regular Expression Denial of Service in postcss

The npm package postcss from 7.0.0 and before versions 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

5.3CVSS4.4AI score0.01009EPSS

Exploits1References13Affected Software1

Veracode•added 2021/04/13 6:56 a.m.•28 views

Regular Expression Denial Of Service (ReDoS)

postcss is vulnerable to regular expression denial of service. The usage of an insecure regular expression in source map parsing allows an attacker to cause a denial of service condition using a URL...

5.3CVSS5AI score0.01009EPSS

Exploits1References14Affected Software2

OSV•added 2021/04/12 2:15 p.m.•19 views

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

5.3CVSS6.6AI score

Exploits0References10

OSV•added 2021/04/12 2:15 p.m.•1 views

DEBIAN-CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

5.3CVSS6.6AI score0.01009EPSS

Exploits1References1