Rewterz Threat Advisory – Multiple Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Vulnerabilities
June 29, 2021Rewterz Threat Advisory – CVE-2021-35523 – Securepoint SSL VPN Client Vulnerability
June 29, 2021Rewterz Threat Advisory – Multiple Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Vulnerabilities
June 29, 2021Rewterz Threat Advisory – CVE-2021-35523 – Securepoint SSL VPN Client Vulnerability
June 29, 2021Severity
High
Analysis Summary
CVE-2021-32723
Node.js prismjs module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw when highlighting untrusted (user-given) text. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Affected Vendors
Node.js
Affected Products
- Node.js prismjs 1.23.0
Remediation
Upgrade to the latest version of prismjs (1.24.0 or later), available from the NPM Web site.