VDB
RHEA-2021%3A5066
RHEA-2021%3A5066
PUBLISHED
CVSS 7.5 HIGH
A Regular Expression Denial of Service (ReDoS) vulnerability was found in the nodejs axios. This flaw allows an attacker to provide crafted input to the trim function, which might cause high resources consumption and as a consequence lead to denial of service. The highest threat from this vulnerability is system availability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:b74533ee63f91871e662d53b8723b0ff9d6cb9669e1d643b2a2079007eb36b1b_amd64 as a component of 8Base-MTV-2.2 | migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:b74533ee63f91871e662d53b8723b0ff9d6cb9669e1d643b2a2079007eb36b1b_amd64 |
| Red Hat | migration-toolkit-virtualization/mtv-virt-v2v-rhel8@sha256:1fa55d7af17e5c0d02ca6ea49b12339a8c6fd62d6131c993031cdb0e6cecaec0_amd64 as a component of 8Base-MTV-2.2 | * |
| Red Hat | migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:cf63280768f5a5f1c71463e4fc6824e225f5c3041979c37d9c8c6009bb2cc618_amd64 as a component of 8Base-MTV-2.2 | * |
| Red Hat | migration-toolkit-virtualization/mtv-operator-bundle@sha256:8052eca4ff2643bc7be9cd72e00b18015c9a7abc6421f61a454b418c84342c94_amd64 as a component of 8Base-MTV-2.2 | * |
| Red Hat | migration-toolkit-virtualization/mtv-ui-rhel8@sha256:675034f89ec601cc7755315b42ddda61fa2395397d7c57a270c1d0149058d8f3_amd64 as a component of 8Base-MTV-2.2 | * |
| Red Hat | migration-toolkit-virtualization/mtv-controller-rhel8@sha256:2cce5613b712523a5f5c869cbb70bc7c345abf3082cf0e4bac6bba10c964ac6b_amd64 as a component of 8Base-MTV-2.2 | migration-toolkit-virtualization/mtv-controller-rhel8@sha256:2cce5613b712523a5f5c869cbb70bc7c345abf3082cf0e4bac6bba10c964ac6b_amd64 |
| Red Hat | migration-toolkit-virtualization/mtv-validation-rhel8@sha256:f4739e4508739b0ecf493aaa7531b8463776499038097b2d19adbc3eb32724af_amd64 as a component of 8Base-MTV-2.2 | migration-toolkit-virtualization/mtv-validation-rhel8@sha256:f4739e4508739b0ecf493aaa7531b8463776499038097b2d19adbc3eb32724af_amd64 |
| Red Hat | migration-toolkit-virtualization/mtv-rhel8-operator@sha256:d6ff4e314aaf9e32a9250640e1b68e91c6d9c1ed379af2d8294f2595daef5312_amd64 as a component of 8Base-MTV-2.2 | migration-toolkit-virtualization/mtv-rhel8-operator@sha256:d6ff4e314aaf9e32a9250640e1b68e91c6d9c1ed379af2d8294f2595daef5312_amd64 |
Timeline
- Dec 9, 2021 CVE Published
- Mar 20, 2026 CVE Updated
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHEA-2021:5066 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1919636 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1944402 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1951660 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1953253 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1953989 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1957841 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1959229 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1959377 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1965030 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1965328 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1977260 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1981074 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1990596 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1990851 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1993089 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1993140 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1993259 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1994037 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1994042 issue
…and 57 more