Количество 2
Количество 2
CVE-2025-45525
A NULL pointer dereference vulnerability has been identified in the JavaScript library microlight version 0.0.7, a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before accessing its properties, leading to an uncaught TypeError and potential application crash. NOTE: this is disputed by multiple parties because there is no common scenario in which an adversary can insert those non-standard values.
GHSA-64x7-m7rh-9m83
Withdrawn Advisory: microlight.js has a null pointer dereference vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-45525 A NULL pointer dereference vulnerability has been identified in the JavaScript library microlight version 0.0.7, a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before accessing its properties, leading to an uncaught TypeError and potential application crash. NOTE: this is disputed by multiple parties because there is no common scenario in which an adversary can insert those non-standard values. | CVSS3: 2.9 | 0% Низкий | 8 месяцев назад |
| GHSA-64x7-m7rh-9m83 Withdrawn Advisory: microlight.js has a null pointer dereference vulnerability | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу