Vulnerabilities

CVE-2021-33502

May 28, 2021

The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.

Summary:

Reference Links(if available):

https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

November 15, 2024

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

November 15, 2024

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

November 15, 2024

API Security Threats: 83% of Companies Experience Security Incidents

November 15, 2024

Microsoft Power Pages: Misconfiguration Risks and Data Exposure

November 15, 2024

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

API Security Threats: 83% of Companies Experience Security Incidents

Microsoft Power Pages: Misconfiguration Risks and Data Exposure