CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails.

Permalink

Cannot retrieve contributors at this time

/\*\*

\* that-value@0.1.3

\* Package Manager: npm

\* Link to published package: https://github.com/q-nick/that-value

\* Link to GitHub repo: https://github.com/q-nick/that-value

\* Severity level: High

\* Module Description: Multi language/platform pack of validators (front-end and back-end)

\* Additional Info: It allows cause a denial of service when validating crafted invalid emails.

\* Contacted maintainer?: No

\* Open issue?: No

\*/

var thatValue \= require("that-value")

var emailValue \= thatValue('00.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!.!!').is.string().is.email().and.contains('paul');

if(emailValue.valid())

{

/\* when valid \*/

}

else

{

/\*not valid\*/

var errorList \= emailValue.getErrors();

}

Headline

CVE-2021-40896: SaveResults/that-value.js at main · yetingli/SaveResults

CVE: Latest News