-
Notifications
You must be signed in to change notification settings - Fork 41
v2.17.0 Security vulnerability report libraries
System bot edited this page Feb 26, 2025
·
92 revisions
| SUBSCRIPTIONID | RESOURCEGROUP | VULNID | IDENTIFICATIONDATE | CATEGORY | CVE | CVSS | SEVERITY | DISPLAYNAME | RESOURCEID | RESOURCEID_SINGLE | AKTIV | HOST | OSDETAILS |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| - | - | CVE-2025-24033 | 2025-01-23T18:15:33.61Z | npm audit | CVE-2025-24033 | HIGH | Unlimited consumption of resources in @fastify/multipart | api-v2.17.0 | api-v2.17.0 | Yes | package: @fastify/multipart, status: fixed, fixedVersion: 8.3.1, 9.0.3 | ||
| - | - | CVE-2024-21538 | 2024-11-08T05:15:06.453Z | npm audit | CVE-2024-21538 | HIGH | cross-spawn: regular expression denial of service | api-v2.17.0 | api-v2.17.0 | Yes | package: cross-spawn, status: fixed, fixedVersion: 7.0.5, 6.0.6 | ||
| - | - | CVE-2024-21538 | 2024-11-08T05:15:06.453Z | npm audit | CVE-2024-21538 | HIGH | cross-spawn: regular expression denial of service | migration-v2.17.0 | migration-v2.17.0 | Yes | package: cross-spawn, status: fixed, fixedVersion: 7.0.5, 6.0.6 | ||
| - | - | CVE-2024-55565 | 2024-12-09T02:15:19.607Z | npm audit | CVE-2024-55565 | MEDIUM | nanoid: nanoid mishandles non-integer values | api-v2.17.0 | api-v2.17.0 | Yes | package: nanoid, status: fixed, fixedVersion: 5.0.9, 3.3.8 | ||
| - | - | CVE-2024-21534 | 2024-10-11T13:15:15.667Z | npm audit | CVE-2024-21534 | CRITICAL | jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization | blockchain-v2.17.0 | blockchain-v2.17.0 | Yes | package: jsonpath-plus, status: fixed, fixedVersion: 10.2.0 | ||
| - | - | CVE-2025-1302 | 2025-02-15T05:15:11.683Z | npm audit | CVE-2025-1302 | HIGH | jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization | blockchain-v2.17.0 | blockchain-v2.17.0 | Yes | package: jsonpath-plus, status: fixed, fixedVersion: 10.3.0 | ||
| - | - | CVE-2024-52798 | 2024-12-05T23:15:06.31Z | npm audit | CVE-2024-52798 | HIGH | path-to-regexp: path-to-regexp Unpatched ReDoS in 0.1.x | blockchain-v2.17.0 | blockchain-v2.17.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 0.1.12 | ||
| - | - | CVE-2024-52798 | 2024-12-05T23:15:06.31Z | npm audit | CVE-2024-52798 | HIGH | path-to-regexp: path-to-regexp Unpatched ReDoS in 0.1.x | excel-export-service-v2.17.0 | excel-export-service-v2.17.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 0.1.12 | ||
| - | - | CVE-2024-52798 | 2024-12-05T23:15:06.31Z | npm audit | CVE-2024-52798 | HIGH | path-to-regexp: path-to-regexp Unpatched ReDoS in 0.1.x | email-notification-service-v2.17.0 | email-notification-service-v2.17.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 0.1.12 | ||
| - | - | CVE-2024-52798 | 2024-12-05T23:15:06.31Z | npm audit | CVE-2024-52798 | HIGH | path-to-regexp: path-to-regexp Unpatched ReDoS in 0.1.x | storage-service-v2.17.0 | storage-service-v2.17.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 0.1.12 |
Last scan date: 2025-2-26 6:30:10