Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Regexploit - Find Regular Expressions Which Are Vulnerable To ReDoS (Regular Expression Denial Of Service)

🗓️ 20 Jul 2021 12:30:00Reported by KitPloitType 
kitploit
 kitploit🔗 www.kitploit.com👁 498 Views

Find regexes vulnerable to ReDoS. Default regex parsers can have unbounded worst-case complexity causing denial of service and catastrophic backtracking. Tool identifies vulnerable regexes and provides examples

Related
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner affect IBM Spectrum Protect Plus
6 May 202202:35
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities affect IBM Rational® Application Developer for WebSphere® Software - September 2021
30 Sep 202115:00
ibm
IBM Security Bulletins		Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities
27 Feb 202513:56
ibm
IBM Security Bulletins		Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
18 Oct 202214:58
ibm
IBM Security Bulletins		Security Bulletin: Security vulnerabilities in Python3 affect IBM Cloud Pak for Multicloud Management Hybrid GRC.
4 Feb 202121:29
ibm
IBM Security Bulletins		Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
19 Oct 202115:38
ibm
IBM Security Bulletins		Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vulnerable to multiple vulnerabilities
12 Dec 202317:28
ibm
IBM Security Bulletins		Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities
20 Apr 202214:01
ibm
IBM Security Bulletins		Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2021-4104, CVE-2021-29469, CVE-2021-44531, CVE-2021-44531, CVE-2022-21824, CVE-2021-29899, CVE-2021-27290 )
17 Mar 202215:37
ibm
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities in Node.js affects IBM Netcool Agile Service Manager
1 Jun 202213:37
ibm
Rows per page
SourceLink
githubwww.github.com/python-pillow/Pillow/commit/3bce145966374dd39ce58a6fc0083f8d1890719c
githubwww.github.com/Python-Markdown/markdown/pull/1130
githubwww.github.com/python/cpython/commit/0b297d4ff1c0e4480ad33acae793fbaf4bf015b4
githubwww.github.com/NuGet/NuGet.Client/commit/a0671e946ce71dc59def5cc8a67c6457d66f33bf
camowww.camo.githubusercontent.com/604dfb1a1bfac98d0048f363e0e6d65bd88b4fdbd57f5b001a8f76ea580c1097/68747470733a2f2f646f79656e7365632e636f6d2f696d616765732f6c6f676f2e737667
githubwww.github.com/python/cpython/pull/17157
githubwww.github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14
githubwww.github.com/ua-parser/uap-core/security/advisories/GHSA-cmcx-xhr8-3w9p
githubwww.github.com/trentm/python-markdown2/pull/387
githubwww.github.com/advisories/GHSA-hq37-853p-g5cf
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
20 Jul 2021 12:30Current
7.7High risk
Vulners AI Score7.7
CVSS 3.17.5
CVSS 25
EPSS0.06617
vulnerableregular expressiondenial of serviceredoscomplexitybacktrackingexamplemalicious stringexploitationmodule version
498