Lucene search
GoogleOSV:CVE-2021-32723HistoryJun 28, 2021 - 8:15 p.m.
CVE-2021-32723
2021-06-2820:15:07
Google
osv.dev
2
0.001 Low
EPSS
Percentile
46.4%
Prism is a syntax highlighting library. Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS). When Prism is used to highlight untrusted (user-given) text, an attacker can craft a string that will take a very very long time to highlight. This problem has been fixed in Prism v1.24. As a workaround, do not use ASCIIDoc or ERB to highlight untrusted text. Other languages are not affected and can be used to highlight untrusted text.
Related
cvelist
cvelist
CVE-2021-32723 Regular Expression Denial of Service (ReDoS) in Prism
2021-06-28 19:15:15
ubuntucve
ubuntucve
CVE-2021-32723
2021-06-28 00:00:00
prion
prion
Design/Logic Flaw
2021-06-28 20:15:00
nvd
nvd
CVE-2021-32723
2021-06-28 20:15:07
nodejs
nodejs
Regular Expression Denial of Service
2021-06-28 18:33:51
redhatcve
redhatcve
CVE-2021-32723
2021-07-08 09:35:46
osv
osv
Regular Expression Denial of Service (ReDoS) in Prism
2021-06-28 18:33:18
cve
cve
CVE-2021-32723
2021-06-28 20:15:07
cnvd
cnvd
Prism Resource Management Error Vulnerability
2021-06-30 00:00:00
github
github
Regular Expression Denial of Service (ReDoS) in Prism
2021-06-28 18:33:18
nessus
nessus
Oracle Database Server (Jan 2022 CPU)
2022-01-19 00:00:00
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00