CVE-2022-25858 The package terser before 4.8.1, 5.0.0 and 5.14.2 are vulnerable to ReDoS due to insecure usage of regular expressions.

CVE-2022-25858 The package terser before 4.8.1, 5.0.0 and 5.14.2 are vulnerable to ReDoS due to insecure usage of regular expressions.

This could result in denial of service to the affected services due to high CPU consumption.

To fix this issue, update your servers to the latest patch level immediately.

CVE-2018-1177 - Cisco WebEx Node.js Client Vulnerable to Server-Side Code Injection Due to insecure usage of regular expressions, Cisco WebEx Node.js client before version 4.8.1, 5.0.0 before 5.14.2, and 5.1.0 before 5.1.1 is vulnerable to Server-Side Code Injection due to insecure usage of regular expressions.

This could result in remote code execution on the affected Cisco WebEx Node.js server.
In order to exploit this issue, an attacker would have to convince an administrator to visit a specially crafted website or Open Redirect attack on the server.
To fix this issue, update your Cisco WebEx Node.js client to the latest patch level immediately. CVE-2018-1176 - Cisco WebEx Node.js Client Vulnerable to Clickjacking Cisco WebEx Node.js client before version 4.8.1, 5.0.0 before 5.14.2, and 5.1.0 before 5.1.1 is vulnerable to Clickjacking.

This could result in XSS attack on the affected Cisco WebEx Node.js server.
To fix this issue, update your Cisco WebEx Node.js client to the latest

Cisco WebEx Browsers and WebEx Node.js Clients

To fix this issue, update your Cisco WebEx Node.js client to the latest patch level immediately.

Cisco WebEx Browsers and WebEx Node.js Clients

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe