{"vulnerability": "CVE-2022-3762", "sightings": [{"uuid": "6174a6cf-2016-40a7-a5a6-bd87c9f413e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37620", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15159", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-37620\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0 via the candidate variable in htmlminifier.js.\n\ud83d\udccf Published: 2022-10-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T15:51:17.033Z\n\ud83d\udd17 References:\n1. https://github.com/kangax/html-minifier/blob/51ce10f4daedb1de483ffbcccecc41be1c873da2/src/htmlminifier.js#L1338\n2. https://github.com/kangax/html-minifier/blob/51ce10f4daedb1de483ffbcccecc41be1c873da2/src/htmlminifier.js#L294\n3. https://github.com/kangax/html-minifier/issues/1135", "creation_timestamp": "2025-05-06T16:22:02.000000Z"}, {"uuid": "89323e3d-a7a4-4713-8ba0-eba3b542cddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37621", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15324", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-37621\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the fullPath variable in resolve-shims.js.\n\ud83d\udccf Published: 2022-10-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T14:52:54.551Z\n\ud83d\udd17 References:\n1. https://github.com/thlorenz/browserify-shim/blob/464b32bbe142664cd9796059798f6c738ea3de8f/lib/resolve-shims.js#L158\n2. https://github.com/thlorenz/browserify-shim/blob/464b32bbe142664cd9796059798f6c738ea3de8f/lib/resolve-shims.js#L37\n3. https://github.com/thlorenz/browserify-shim/issues/247", "creation_timestamp": "2025-05-07T15:22:41.000000Z"}, {"uuid": "aae63f9c-cfa1-4cc6-8fbb-589cde74dae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37620", "type": "seen", "source": "https://t.me/arpsyndicate/4746", "content": "#ExploitObserverAlert\n\nCVE-2022-37620\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2022-37620. A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0 via the candidate variable in htmlminifier.js.\n\nFIRST-EPSS: 0.000790000\nNVD-IS: 3.6\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7197403", "creation_timestamp": "2024-04-23T17:24:40.000000Z"}, {"uuid": "adef7a5b-0270-4f8c-b957-465aa0c1fece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37623", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15161", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-37623\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js.\n\ud83d\udccf Published: 2022-10-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T15:49:33.554Z\n\ud83d\udd17 References:\n1. https://github.com/thlorenz/browserify-shim/blob/464b32bbe142664cd9796059798f6c738ea3de8f/lib/resolve-shims.js#L158\n2. https://github.com/thlorenz/browserify-shim/blob/464b32bbe142664cd9796059798f6c738ea3de8f/lib/resolve-shims.js#L94\n3. https://github.com/thlorenz/browserify-shim/issues/248", "creation_timestamp": "2025-05-06T16:22:04.000000Z"}]}