All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-4058657 https://github.com/jonschlinkert/word-wrap/blob/master/index.js%23L39 https://security.snyk.io/vuln/SNYK-JS-WORDWRAP-3149973
Created golang-github-prometheus tracking bugs for this issue: Affects: epel-all [bug 2216894] Created magicmirror tracking bugs for this issue: Affects: fedora-all [bug 2216895] Created pcs tracking bugs for this issue: Affects: fedora-all [bug 2216896]
This issue has been addressed in the following products: RHOL-5.7-RHEL-8 Via RHSA-2023:3998 https://access.redhat.com/errata/RHSA-2023:3998
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-26115
This issue has been addressed in the following products: RHODF-4.13-RHEL-9 Via RHSA-2023:5376 https://access.redhat.com/errata/RHSA-2023:5376
This issue has been addressed in the following products: NETWORK-OBSERVABILITY-1.4.0-RHEL-9 Via RHSA-2023:5379 https://access.redhat.com/errata/RHSA-2023:5379
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.8 Via RHSA-2023:5447 https://access.redhat.com/errata/RHSA-2023:5447
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5006 https://access.redhat.com/errata/RHSA-2023:5006
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7681 https://access.redhat.com/errata/RHSA-2023:7681