EUVD-2022-7187

Malicious code in bioql PyPI...

@magicfinn/gatsby-theme-finn-default (>=1.0.0 <=2.0.40), @panstav/ozen-dashboard-shared (>=0.0.2 <=0.0.7) potentially affected by CVE-2022-35923 via v8n (>=1.2.3 <=1.3.3)

v8n NPM version =1.2.3, =1.0.0, =0.0.2, =0.0.7 Source cves: CVE-2022-35923 Source advisory: OSV:GHSA-XRX9-GJ26-5WX9...

v8n 安全漏洞

v8n is a JavaScript validation library by the individual developer Bruno C. Couto. A security vulnerability exists in versions of v8n prior to 1.5.1, which stems from the fact that the low complexity of its lowercase and uppercase regular expressions may lead to denial-of-service attacks...