21 matches found
ROOT-APP-NPM-CVE-2023-26115 CVE-2023-26115 in @rootio/word-wrap - Patched by Root
Root has patched CVE-2023-26115 in the @rootio/word-wrap package for Root:npm. Multiple fixed versions available...
EUVD-2023-1831
Malicious code in bioql PyPI...
django: Potential denial-of-service vulnerability in django.utils.text.wrap()
A potential denial of service vulnerability exists in django.utils.text.wrap and the wordwrap template filter. When processing extremely long strings, these functions may cause excessive resource consumption, potentially leading to service disruption...
RHEL 6 : grafana (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - word-wrap: ReDoS CVE-2023-26115 Note that Nessus has not tested for this issue but has instead relied on the packag...
Security Bulletin: IBM Cloud Pak for Network Automation 2.6.3 fixes multiple security vulnerabilities
Summary IBM Cloud Pak for Network Automation 2.6.3 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID: CVE-2023-35887 DESCRIPTION: Apache MINA SSHD could allow a remote authenticated attacker to obtain sensitive information, caused by improper...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.3 security and bug fix update
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS ba...
Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attack and a denial of service due to Node.js modules protobuf.js, vm2 and word-wrap [CVE-2023-36665, CVE-2023-37903, CVE-2023-37466 and CVE-2023-26115]
Summary IBM App Connect Enterprise is vulnerable to a remote attack and a denial of service due to Node.js modules protobuf.js, vm2 and word-wrap CVE-2023-36665, CVE-2023-37903, CVE-2023-37466 and CVE-2023-26115. The fix includes protobuf.js =7.2.4, word-wrap =1.2.5 and vm2 has been removed from...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service due to [CVE-2023-26115]
Summary Node.js word-wrap is used internally by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Node.js word-wrap...
CVE-2023-26115
A flaw was found in the Node.js word-wrap module, where it is vulnerable to a denial of service caused by a Regular expression denial of service ReDoS issue in the result variable. By sending a specially crafted regex input, a remote attacker can cause a denial of service...
GHSA-J8XG-FQG3-53R7 word-wrap vulnerable to Regular Expression Denial of Service
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
word-wrap vulnerable to Regular Expression Denial of Service
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
@alexktzk/cz-customizable (>=1.0.0 <=1.1.0), @algolia/coquille (>=0.0.2 <=0.0.13) +1269 more potentially affected by CVE-2023-26115 via word-wrap (>=0.1.3 <=1.2.3)
word-wrap NPM version =0.1.3, =1.0.0, =0.0.2, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.4.2, =0.0.0, =1.0.0, =0.1.0-preview, =0.1.0-preview, =6.0.0-alpha.16.20220105.1, =0.1.3, =0.1.17 and more Source cves: CVE-2023-26115 Source advisory: OSV:GHSA-J8XG-FQG3-53R7...
AZL-43867 CVE-2023-26115 affecting package js-jquery 3.5.0-4
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
CVE-2023-26115
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
CVE-2023-26115
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
CVE-2023-26115
CVE-2023-26115 affects the word-wrap package. The vulnerability is a Regular Expression Denial of Service (ReDoS) caused by an insecure regex in the result variable, affecting all versions. Public references cite a fix in word-wrap 1.2.4 (and releases tagged 1.2.4) with related discussion and a p...
CVE-2023-26115
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
word-wrap 安全漏洞
word-wrap is a library by Jon Schlinkert, an individual developer in the United States. It is used to wrap words to a specified length. A security vulnerability exists in word-wrap, which stems from the use of an insecure regular expression in the result variable...
@alexktzk/cz-customizable (>=1.0.0 <=1.1.0), @algolia/coquille (>=0.0.2 <=0.0.13) +379 more potentially affected by CVE-2023-26115 via word-wrap (>=1.0.3 <=1.2.3)
word-wrap NPM version =1.0.3, =1.0.0, =0.0.2, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.4.2, =0.0.0, =1.0.0, =0.1.0-preview, =0.1.0-preview, =6.0.0-alpha.16.20220105.1, =0.1.3, =0.1.17 and more Source cves: CVE-2023-26115 Source advisory: SNYK:JS-WORDWRAP-3149973...
[SECURITY] Fedora 8 Update: mousepad-0.2.13-1.fc8
Mousepad is a text editor for Xfce based on Leafpad. The initial reason for Mousepad was to provide printing support, which would have been difficult for Leafpad for various reasons. Although some features are under development, currently Mousepad has follow ing features: Complete support for UTF...