13 matches found
EUVD-2023-0580
Malicious code in bioql PyPI...
Regular Expression Denial Of Service (ReDoS)
terminal-kit is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used in multiple functions of the library, allowing an attacker to crash the application by providing malicious strings such as '^'.repeat(bigNumber)...
8mb (>=1.0.1 <=1.1.4), @0x4447/broccoli (>=1.0.0 <=1.0.16) +605 more potentially affected by CVE-2021-4306 via terminal-kit (>=0.10.9 <=2.1.0)
terminal-kit NPM version =0.10.9, =1.0.1, =1.0.0, =2.0.0, =1.0.0, =1.18.0, =0.0.1, =0.1.0, =0.0.5, =1.0.0, =2.0.0 and more Source cves: CVE-2021-4306 Source advisory: OSV:GHSA-WXGH-8GMR-3QH3...
GHSA-WXGH-8GMR-3QH3 terminal-kit Inefficient Regular Expression Complexity vulnerability
A vulnerability classified as problematic has been found in cronvel terminal-kit up to 2.1.7. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity. Upgrading to version 2.1.8 can address this issue. The name of the patch is...
terminal-kit Inefficient Regular Expression Complexity vulnerability
A vulnerability classified as problematic has been found in cronvel terminal-kit up to 2.1.7. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity. Upgrading to version 2.1.8 can address this issue. The name of the patch is...
CVE-2021-4306
A vulnerability classified as problematic has been found in cronvel terminal-kit up to 2.1.7. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity. Upgrading to version 2.1.8 is able to address this issue. The name of the patch is...
CVE-2021-4306
A vulnerability classified as problematic has been found in cronvel terminal-kit up to 2.1.7. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity. Upgrading to version 2.1.8 is able to address this issue. The name of the patch is...
Design/Logic Flaw
A vulnerability classified as problematic has been found in cronvel terminal-kit up to 2.1.7. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity. Upgrading to version 2.1.8 is able to address this issue. The name of the patch is...
CVE-2021-4306
The CVE-2021-4306 issue affects cronvel terminal-kit up to 2.1.7, with vulnerability to inefficient regular expression complexity (ReDoS) due to an unknown function. Impact is described as HIGH for availability (per CVSS) with network attack vector and no user interaction required. A fix is avail...
CVE-2021-4306 cronvel terminal-kit redos
A vulnerability classified as problematic has been found in cronvel terminal-kit up to 2.1.7. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity. Upgrading to version 2.1.8 is able to address this issue. The name of the patch is...
Terminal Kit Security Vulnerability
Terminal Kit is a command line tool for Node.js. A security vulnerability exists in Terminal Kit versions prior to 2.1.8, which stems from an unknown feature that operates to cause inefficient regular expression complexity...
PT-2023-12410 · Unknown · Cronvel Terminal-Kit
Name of the Vulnerable Software and Affected Versions: cronvel terminal-kit versions up to 2.1.7 Description: A vulnerability has been found in cronvel terminal-kit, where the manipulation leads to inefficient regular expression complexity. This issue affects an unknown function. Recommendations:...
Inefficient Regular Expression Complexity in cronvel/terminal-kit
Description: I would like to report a Regular Expression Denial of Service (ReDoS) vulnerability in terminal-kit. It allows causing a denial of service when calling the function markupWidth. The ReDoS vulnerability is mainly due to the regex /^^|^./g and can be exploited with the following code. Proof...