Описание
A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Migration Toolkit for Virtualization | migration-toolkit-virtualization/mtv-console-plugin-rhel9 | Fix deferred | ||
| Migration Toolkit for Virtualization | mtv-candidate/mtv-console-plugin-rhel9 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/kiali-ossmc-rhel8 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/kiali-rhel8 | Fix deferred | ||
| OpenShift Service Mesh 3 | openshift-service-mesh/kiali-operator-bundle | Fix deferred | ||
| OpenShift Service Mesh 3 | openshift-service-mesh/kiali-ossmc-rhel9 | Fix deferred | ||
| OpenShift Service Mesh 3 | openshift-service-mesh/kiali-rhel9 | Fix deferred | ||
| OpenShift Service Mesh 3 | openshift-service-mesh/kiali-rhel9-operator | Fix deferred | ||
| Red Hat Enterprise Linux 8 | grafana | Fix deferred | ||
| Red Hat OpenShift GitOps | openshift-gitops-1/argocd-agent-rhel8 | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer.
A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer.
A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This imp ...
A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer.
EPSS
3.3 Low
CVSS3