Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-35065HistoryDec 26, 2022 - 7:15 a.m.
CVE-2021-35065
2022-12-2607:15:11
Debian Security Bug Tracker
security-tracker.debian.org
28
node.js
redos attacks
enclosure regex
security
cve-2021-35065
unix
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
46.7%
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | node-glob-parent | < 6.0.2+~5.1.1-1 | node-glob-parent_6.0.2+~5.1.1-1_all.deb |
| Debian | 11 | all | node-glob-parent | <= 5.1.1+~5.1.0-2 | node-glob-parent_5.1.1+~5.1.0-2_all.deb |
| Debian | 999 | all | node-glob-parent | < 6.0.2+~5.1.1-1 | node-glob-parent_6.0.2+~5.1.1-1_all.deb |
| Debian | 13 | all | node-glob-parent | < 6.0.2+~5.1.1-1 | node-glob-parent_6.0.2+~5.1.1-1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 37 Update: yarnpkg-1.22.19-2.fc37
2023-01-12 01:53:57
[SECURITY] Fedora 36 Update: yarnpkg-1.22.19-2.fc36
2023-01-12 01:35:37
[SECURITY] Fedora 37 Update: pgadmin4-6.18-2.fc37
2023-01-12 01:53:58
openvas
openvas
Fedora: Security Advisory for yarnpkg (FEDORA-2023-8d4b772755)
2023-01-12 00:00:00
Fedora: Security Advisory for pgadmin4 (FEDORA-2023-496439cbdd)
2023-01-12 00:00:00
Fedora: Security Advisory for yarnpkg (FEDORA-2023-5c6f32db6f)
2023-01-12 00:00:00
nessus
nessus
Fedora 36 : yarnpkg (2023-5c6f32db6f)
2023-01-12 00:00:00
CentOS 9 : nodejs-nodemon-2.0.20-3.el9
2024-02-29 00:00:00
RHEL 6 : glob-parent (Unpatched Vulnerability)
2024-05-11 00:00:00
nvd
nvd
CVE-2021-35065
2022-12-26 07:15:11
osv
osv
BIT-gulp-2021-35065
2024-03-06 10:52:58
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
2022-07-18 17:03:23
CVE-2021-35065
2022-12-26 07:15:11
prion
prion
Code injection
2022-12-26 07:15:00
ubuntucve
ubuntucve
CVE-2021-35065
2022-12-26 00:00:00
cve
cve
CVE-2021-35065
2022-12-26 07:15:11
cvelist
cvelist
CVE-2021-35065
2022-12-26 00:00:00
redhatcve
redhatcve
CVE-2021-35065
2022-12-26 12:34:50
ibm
ibm
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js glob-parent denial of service vulnerability( CVE-2021-35065)
2023-07-05 22:16:30
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js
2021-11-30 16:26:43
Security Bulletin: Open Source Dependency Vulnerability
2023-05-15 18:26:00
github
github
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
2022-07-18 17:03:23
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-07-27 06:48:58
almalinux
almalinux
Moderate: nodejs:18 security, bug fix, and enhancement update
2023-04-04 00:00:00
Important: nodejs:14 security, bug fix, and enhancement update
2023-04-12 00:00:00
Moderate: nodejs:16 security, bug fix, and enhancement update
2023-04-04 00:00:00
redhat
redhat
oraclelinux
oraclelinux
nodejs:18 security, bug fix, and enhancement update
2023-04-05 00:00:00
nodejs:14 security, bug fix, and enhancement update
2023-04-12 00:00:00
nodejs:18 security, bug fix, and enhancement update
2023-05-17 00:00:00
rocky
rocky
nodejs:18 security, bug fix, and enhancement update
2023-04-06 15:52:43
nodejs:14 security, bug fix, and enhancement update
2023-04-26 15:28:13
nodejs:16 security, bug fix, and enhancement update
2023-04-06 15:52:43
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
46.7%
Related for DEBIANCVE:CVE-2021-35065