-
The affected code is located in [util.py-line292](https://github.com/hardbyte/python-can/blob/5c523ec9cc5ab3badbb6def6fb3750d228c7c7c0/can/util.py#L292). It uses the vulnerable regular expression `.*?…
-
d3-color vulnerable to ReDoS was mentioned as closed in the thread below, but the issue still exists in the latest release of 8.0.3
[d3-color vulnerable to ReDoS · Issue #469 · swimlane/ngx-graph (github.com)]…
-
[owasp](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
-
## Description
_TBD_
**CVE ID**: _N/A_
## References
- _URL_
-
Use of Snyk revealed a number of vulnerabilities. Can the software be updated with a patched version?
The vulnerabilities were not validated against real-world exploitability.
Command Injection : 6…
-
In Eclipse IDE 2023-12,
use of [Maven CI Friendly Versions](https://maven.apache.org/maven-ci-friendly.html) is producing Maven errors.
https://github.com/eliasbalasis/eclipse-lemminx-maven-issue-…
-
### PURL of wrongly matched component
pkg:npm/lodash@4.17.21
### Depscan findings
Receiving {"id": "CVE-2019-1010266", "package": "npm:lodash", "purl": "pkg:npm/lodash@4.17.21", "package_type": "np…
-
**Vulnerable module:** braces
**Introduced through:** indexr@1.1.10
**Detailed Path:**
```
generator-reaction@0.0.0-development ›
indexr@1.1.10 ›
chokidar@1.7.0 ›
…
```
-
Medium Severity Regular Expression Denial of Service (ReDoS) issue reported by Snyk here due to the glob-parent package:
https://app.snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
-
https://en.wikipedia.org/wiki/ReDoS
https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
ghost updated
3 years ago