6 matches found
CVE-2022-37262
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js...
CVE-2022-37260
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the input variable in main.js...
CVE-2022-37259
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the string variable in babel.js...
CVE-2022-37262
A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js...
PT-2022-23898 · Stealjs · Stealjs
Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4 Description: The issue is related to a prototype pollution vulnerability in the convertLater function in npm-convert.js. This vulnerability is exploited via the requestedVersion variable in npm-convert.js...
steal 安全漏洞
steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which originates from a StealJS Regular Expression Denial of Service ReDoS via the optionName variabl...