6 matches found
ROOT-APP-NPM-CVE-2022-25883 CVE-2022-25883 in @rootio/semver - Patched by Root
Root has patched CVE-2022-25883 in the @rootio/semver package for Root:npm. Multiple fixed versions available...
nodejs:20 security update
nodejs 1:20.20.0-1 - Update to version 20.20.0 Resolves: RHEL-130972 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883...
MiracleLinux 8 : nodejs:16 (AXSA:2023-6464:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6464:01 advisory. nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs-semver: Regular expression denial of service CVE-2022-25883 nodej...
CVE-2022-25883
creationtimestamp| type| source ---|---|--- 2024-01-31 14:50:05+00:00| seen| https://t.me/truesecator/5358 2026-02-18 15:05:24+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mf5e4b4px32q 2026-02-20 13:38:22+00:00| seen|...
SUSE CVE-2022-25883
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...
007putra-my-bot (=1.1.1), 03-asenkronsdasdsadavehttprequest (=1.0.0) +17741 more potentially affected by CVE-2022-25883 via semver (>=7.0.0 <=7.5.1)
semver NPM version =7.0.0, =7.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on semver and may be impacted: - 007putra-my-bot =1.1.1 - 03-asenkronsdasdsadavehttprequest =1.0.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 -...