Mosca REDoS Vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. Authentication is not required to exploit this vulnerability. The flaw exists within the processing of topics, where a crafted regular expression can cause the broker to crash. Attackers can exploit this vulnerability to deny access to the target system
Reporter | Title | Published | Views | Family All 9 |
---|---|---|---|---|
![]() | npm mosca Regular Expression Parsing Denial-of-Service Vulnerability | 13 Jun 201800:00 | – | zdi |
![]() | CVE-2018-11615 | 30 Aug 201812:29 | – | cve |
![]() | Mosca REDoS Vulnerability | 31 Aug 201806:22 | – | github |
![]() | Denial Of Service (DoS) | 31 Aug 201802:53 | – | veracode |
![]() | Mosca Project Denial of Service (CVE-2018-11615) | 25 Jun 202000:00 | – | checkpoint_advisories |
![]() | CVE-2018-11615 | 30 Aug 201812:00 | – | cvelist |
![]() | CVE-2018-11615 | 30 Aug 201812:29 | – | nvd |
![]() | CVE-2018-11615 | 30 Aug 201812:29 | – | osv |
![]() | Design/Logic Flaw | 30 Aug 201812:29 | – | prion |
Source | Link |
---|---|
nvd | www.nvd.nist.gov/vuln/detail/CVE-2018-11615 |
github | www.github.com/advisories/GHSA-wqg7-vrj7-v82h |
zerodayinitiative | www.zerodayinitiative.com/advisories/ZDI-18-583 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo