20 matches found
EUVD-2022-7006
Malicious code in bioql PyPI...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to to prototype pollution due to webpack loader-utils ( CVE-2022-37601 )
Summary Potential vulnerabilities in webpack loader-utils module has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: Prototype pollution vulnerability in function parseQuery in parseQuery....
Linux Distros Unpatched Vulnerability : CVE-2022-37601
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all...
loader-utils: prototype pollution in function parseQuery in parseQuery.js
A prototype pollution vulnerability was found in the parseQuery function in parseQuery.js in the webpack loader-utils via the name variable in parseQuery.js. This flaw can lead to a denial of service or remote code execution...
Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities
Summary IBM has addressed multiple vulnerabilities in IBM Spectrum Discover. Webpack loader-utils CVE-2022-37601 is vulnerable to execute arbitrary code on the system caused by a pollution flaw in parseQuery function. OpenStack Keystone CVE-2021-3563 is vulnerable to bypass security restriction...
CVE-2022-37599
A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service ReDoS. Mitigation Mitigation for this issue is either not available or the...
Fedora 37 : yarnpkg (2023-86d75130fe)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-86d75130fe advisory. Apply fix for CVE-2022-37603. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
Prototype Pollution
node-loader-utils is vulnerable to Prototype Pollution. The vulnerability exists in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js which allows an attacker to cause a prototype pollution...
CVE-2022-37603
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
CVE-2022-37603
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
Denial of service
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
CVE-2022-37603
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
CVE-2022-37603
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
PT-2022-24024 · Webpack +1 · Webpack Loader-Utils +1
Name of the Vulnerable Software and Affected Versions: webpack loader-utils version 2.0.0 webpack loader-utils versions prior to 1.4.2 webpack loader-utils versions prior to 2.0.4 webpack loader-utils versions prior to 3.2.1 Description: A Regular expression denial of service ReDoS flaw was found...
UBUNTU-CVE-2022-37601
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...
CVE-2022-37601
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...
Code injection
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils 2.0.0 via the name variable in parseQuery.js...
Denial of service
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...
PT-2022-24021 · Webpack +1 · Loader-Utils +1
Name of the Vulnerable Software and Affected Versions: webpack loader-utils version 2.0.0 Description: A Regular expression denial of service ReDoS flaw was found in the interpolateName function in interpolateName.js via the resourcePath variable. This issue could be exploited by sending crafted...
CVE-2022-37599
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...