CVE-2021-40893

CVE-2021-40893 describes a ReDOS vulnerability in the Node.js library validate-data v0.1.1 triggered while validating crafted invalid emails. Root cause: improper handling during email validation leads to excessive backtracking. Impact: potential Denial of Service. Affected component: validate-da...

CVE-2021-40892

A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgba strings...

CVE-2021-40892

A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgba strings...

Denial of service

A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgba strings...

CVE-2021-40892

A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgba strings...

CVE-2021-40892

CVE-2021-40892 affects validate-color version 2.1.0. A Regular Expression Denial of Service (ReDoS) occurs when handling crafted invalid rgb(a) strings, attributed to the validateHTMLColorRgb pathway. Impact described as denial of service; no explicit exploit details beyond input crafting. No con...

PT-2022-11320 · Unknown · Validate-Color

Name of the Vulnerable Software and Affected Versions: validate-color version 2.1.0 Description: A Regular Expression Denial of Service ReDOS issue was found in the handling of crafted invalid rgba strings. Recommendations: For version 2.1.0, at the moment, there is no information about a newer...

validate-data 安全漏洞

validate-data is a NodeJs backend library by Anoop P R Individual Developer. It is used to validate data according to the provided rules. A denial of service vulnerability exists in validate-data version v0.1.1, which stems from not properly handling incoming error messages and can be exploited b...

validate-color 安全漏洞

validate-color is a Norwegian Wallace Sidhrée personal developer for validating HTML colors. A denial of service vulnerability exists in validate-color version v2.1.0, which can be exploited to cause a Regular Expression Denial of Service ReDOS by an attacker who fails to properly handle a crafte...

PT-2022-11321 · Unknown · Validate-Data

Name of the Vulnerable Software and Affected Versions: validate-data version 0.1.1 Description: A Regular Expression Denial of Service ReDOS issue was found in the validation of crafted invalid emails. This occurs when the software attempts to validate specially crafted email addresses, leading t...

Malicious code in wm-package-json-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80f5bf43e02aede17bce329245d3d725df86c2647fc515065fba8f0c7961f728 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wm-grunt-module-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0144eb5a5379973adb84fce29202e3214f1bb5b65e7862c5865441b7b371d852 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-7194 Malicious code in wm-grunt-module-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0144eb5a5379973adb84fce29202e3214f1bb5b65e7862c5865441b7b371d852 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-7199 Malicious code in wm-package-json-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80f5bf43e02aede17bce329245d3d725df86c2647fc515065fba8f0c7961f728 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in validate-order (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1287f30b79a649e97efdcbe3b17cdeaeb6766e487b071cdeb18f6a599506ffd1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-21252

A flaw was found in jQuery-validate. There is an issue where it contains one or more regular expressions vulnerable to a Regular Expression Denial of Service ReDoS...

CLSA-2022-1654526615 Fixed CVE-2021-21705 in php-1.module_el8.5.0+2055+cc873159.tuxcare.els3

CVE-2021-21705: Fix SSRF bypass in FILTERVALIDATEURL adding additional check ups...

Auth0 Passport-SharePoint does not validate JWT signature

Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signature of an Access Token before processing. This allows attackers to forge tokens and bypass authentication and authorization mechanisms...

GHSA-5R7W-PJX8-99QG JBoss KeyCloak Open Redirect

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL...

GHSA-QPG9-83FV-X9CH Improper Neutralization of Input During Web Page Generation in Jenkins

The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting XSS vulnerability exploitable by users with the ability to control job names...