Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service (CPU consumption) via crafted input in a parse call, aka a "regular expression denial of service (ReDoS)."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Joyent Node.js uglify-js 资源管理错误漏洞
Vulnerability Description
Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。UglifyJS是其中的一个JavaScript代码优化工具。 Joyent Node.js中的uglify-js 2.5.0及之前的版本存在安全漏洞。攻击者可借助解析调用中的特制输入利用该漏洞造成拒绝服务(CPU消耗)。
CVSS Information
N/A
Vulnerability Type
N/A