17 matches found
PT-2024-40855 · Jq · Jq
Name of the Vulnerable Software and Affected Versions: jq affected versions not specified Description: The issue is related to a heap buffer overflow read, which occurs in the jq software. The crash state indicates that the functions jv parse, f tonumber, and jq next are involved in the issue...
GHSA-29MW-WPGM-HMR9 Regular Expression Denial of Service (ReDoS) in lodash
All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions. Steps to reproduce provided by reporter Liyuan Chen: js var lo = require'lodash'; function buildblankn var ret = "1" for var i = 0; i n; i++ r...
Regular Expression Denial of Service (ReDoS) in lodash
All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions. Steps to reproduce provided by reporter Liyuan Chen: js var lo = require'lodash'; function buildblankn var ret = "1" for var i = 0; i n; i++ r...
nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions
A flaw was found in nodejs-lodash. A Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions is possible...
The vulnerability of the toNumber, trim, and trimEnd functions in the lodash library for application software from Aurora Center involves an uncontrolled resource consumption, allowing attackers to cause service failures.
The vulnerability of the toNumber, trim, and trimEnd functions in the lodash library for application software from Aurora Center involves an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...
nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions
A flaw was found in nodejs-lodash. A Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions is possible...
CVE-2020-28500
A flaw was found in nodejs-lodash. A Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions is possible...
CVE-2020-28500
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
DEBIAN-CVE-2020-28500
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
CVE-2020-28500
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
Design/Logic Flaw
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
CVE-2020-28500
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
UBUNTU-CVE-2020-28500
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
CVE-2020-28500
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
CVE-2020-28500 Regular Expression Denial of Service (ReDoS)
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
Regular Expression Denial of Service (ReDoS)
Overview lodash is a modern JavaScript utility library delivering modularity, performance, & extras. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions. POC var lo = require'lodash'; function buildblank n var...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions. POC var lo = require'lodash'; function buildblank n var ret = "1" for var i = 0; i n; i++ ret += " " return ret + "1"; var s = buildblank50000 var...