Lucene search
ZdiCVELIST:CVE-2018-11615HistoryAug 30, 2018 - 12:00 p.m.
CVE-2018-11615
2018-08-3012:00:00
CWE-20
zdi
www.cve.org
0.965 High
EPSS
Percentile
99.6%
This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of topics. A crafted regular expression can cause the broker to crash. An attacker can leverage this vulnerability to deny access to the target system. Was ZDI-CAN-6306.
CNA Affected
[
{
"product": "npm mosca",
"vendor": "npm",
"versions": [
{
"status": "affected",
"version": "2.8.1"
}
]
}
]Related
zdi
zdi
npm mosca Regular Expression Parsing Denial-of-Service Vulnerability
2018-06-13 00:00:00
cve
cve
CVE-2018-11615
2018-08-30 12:29:00
veracode
veracode
Denial Of Service (DoS)
2018-08-31 02:53:36
github
github
Mosca REDoS Vulnerability
2018-08-31 06:22:50
checkpoint_advisories
checkpoint_advisories
Mosca Project Denial of Service (CVE-2018-11615)
2020-06-25 00:00:00
osv
osv
CVE-2018-11615
2018-08-30 12:29:00
Mosca REDoS Vulnerability
2018-08-31 06:22:50
nvd
nvd
CVE-2018-11615
2018-08-30 12:29:00
prion
prion
Design/Logic Flaw
2018-08-30 12:29:00