Search Results | AttackerKB

34 Total Results

Displaying 31-34 of 34

Attacker Value

Unknown

CVE-2020-28500

Disclosure Date: February 15, 2021 (last updated February 22, 2025)

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

Attacker Value

Unknown

CVE-2020-7793

Disclosure Date: December 11, 2020 (last updated February 22, 2025)

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2020-28168

Disclosure Date: November 06, 2020 (last updated February 22, 2025)

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2020-12762

Disclosure Date: May 09, 2020 (last updated February 21, 2025)

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

Attack Vector: Local Privileges: None User Interaction: Required

34 Total Results

Displaying 31-34 of 34

Unknown

CVE-2020-28500

Unknown

CVE-2020-7793

Unknown

CVE-2020-28168

Unknown

CVE-2020-12762

Quick Cookie Notification