Lucene search

1034 matches found

Veracode
added 2025/05/06 5:54 a.m., 9 views

Regular Expression Denial Of Service (ReDoS)

org.apereo.cas, cas-server-core-configuration-metadata-repository is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to improper processing of the "Name" argument without input validation, which allows remote attackers to trigger excessive backtracking and degra...

CVSS 7.5, AI score 6.8, EPSS 0.00496
Exploits: 0, References: 6, Affected Software: 1

RedhatCVE
added 2025/04/26 4:34 a.m., 6 views

CVE-2024-13926

The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags, thereby exploiting a catastrophic backtracking issue in the regular expression processing to cause a DoS...

CVSS 7.5, AI score 6.7, EPSS 0.00403
Exploits: 1, References: 1

Snyk
added 2025/04/22 9:4 a.m., 2 views

Regular Expression Denial of Service (ReDoS)

Overview: org.webjars.npm:brace-expansion is a WebJar for brace-expansion. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the expand function, which is prone to catastrophic backtracking on very long malicious inputs. PoC js import index from...

CVSS 3.1, AI score 6.8, EPSS 0.00449
Exploits: 0, References: 2

OSV
added 2025/04/19 6:15 a.m., 1 views

CVE-2024-13926

The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags, thereby exploiting a catastrophic backtracking issue in the regular expression processing to cause a DoS...

CVSS 7.5, AI score 5.8, EPSS 0.00403
Exploits: 1, References: 1

Veracode
added 2025/04/09 8:22 a.m., 4 views

Regular Expression Denial Of Service

uptime-kuma is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regex processing due to catastrophic backtracking triggered by crafted input during notification creation via the web service...

AI score 7
Exploits: 0

Github Security Blog
added 2025/03/31 4:12 p.m., 13 views

Uptime Kuma's Regular Expression in pushdeeer and whapi file Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary There is a ReDoS vulnerability risk in the system, specifically when administrators create notification through the web service (pushdeer and whapi). If a string is provided that triggers catastrophic backtracking in the regular expression, it may lead to a ReDoS attack. Details The regular...

CVSS 6, AI score 7.4, EPSS 0.00344
Exploits: 0, References: 8, Affected Software: 1

OSV
added 2025/03/31 4:12 p.m., 1 views

GHSA-HX7H-9VF7-5XHG Uptime Kuma's Regular Expression in pushdeeer and whapi file Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary There is a ReDoS vulnerability risk in the system, specifically when administrators create notification through the web service (pushdeer and whapi). If a string is provided that triggers catastrophic backtracking in the regular expression, it may lead to a ReDoS attack. Details The regular...

CVSS 6.7, AI score 7.4, EPSS 0.00344
Exploits: 0, References: 8

SUSE CVE
added 2025/03/28 3:39 a.m., 1 views

SUSE CVE-2023-52928

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn. The verifier skips invalid kfunc call in check_kfunc_call, which would be captured in fixup_kfunc_call if such insn is not eliminated by dead code elimination. However, this can lead to t...

CVSS 5.5, AI score 7.9, EPSS 0.00201
Exploits: 0, References: 5

OSV
added 2025/03/27 5:15 p.m., 1 views

DEBIAN-CVE-2023-52928

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn. The verifier skips invalid kfunc call in check_kfunc_call, which would be captured in fixup_kfunc_call if such insn is not eliminated by dead code elimination. However, this can lead to t...

CVSS 5.5, AI score 5.3, EPSS 0.00201
Exploits: 0, References: 1

OSV
added 2025/03/27 5:15 p.m., 1 views

UBUNTU-CVE-2023-52928

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn. The verifier skips invalid kfunc call in check_kfunc_call, which would be captured in fixup_kfunc_call if such insn is not eliminated by dead code elimination. However, this can lead to t...

CVSS 5.5, AI score 5.7, EPSS 0.00201
Exploits: 0, References: 6

Cvelist
added 2025/03/27 4:37 p.m., 8 views

CVE-2023-52928 bpf: Skip invalid kfunc call in backtrack_insn

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn. The verifier skips invalid kfunc call in check_kfunc_call, which would be captured in fixup_kfunc_call if such insn is not eliminated by dead code elimination. However, this can lead to t...

EPSS 0.00201
Exploits: 0, References: 3

OSV
added 2025/03/27 4:37 p.m., 9 views

CVE-2023-52928 bpf: Skip invalid kfunc call in backtrack_insn

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn. The verifier skips invalid kfunc call in check_kfunc_call, which would be captured in fixup_kfunc_call if such insn is not eliminated by dead code elimination. However, this can lead to t...

CVSS 5.5, AI score 6, EPSS 0.00201
Exploits: 0, References: 6

CVE
added 2025/03/27 4:37 p.m., 81 views

CVE-2023-52928

CVE-2023-52928 concerns the Linux kernel’s BPF verifier. According to connected sources, the issue arises from the verifier’s handling of invalid kfunc calls in backtrack_insn, where such an instruction could be captured by fixup_kfunc_call() and, if not eliminated by DCE, trigger a warning in ba...

CVSS 5.5, AI score 6.7, EPSS 0.00201
Exploits: 0, References: 3, Affected Software: 1

Github Security Blog
added 2025/03/26 2:8 p.m., 11 views

@mozilla/readability Denial of Service through Regex

Specially crafted titles may have caused a regular expression to excessively backtrack and cause a local denial of service. Additional Details are available at Bugzilla Credit: DayShift...

AI score 6.8, EPSS 0.00623
Exploits: 0, References: 4, Affected Software: 1

Ubuntu
added 2025/03/24 1:55 a.m., 7 views

USN-7365-1: NLTK vulnerabilities

It was discovered that NLTK contained a regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a denial of service. CVE-2021-3842, CVE-2021-43854...

CVSS 7.5, AI score 7.2, EPSS 0.02668
Exploits: 2

OSV
added 2025/03/24 1:55 a.m., 1 views

USN-7365-1 nltk vulnerabilities

It was discovered that NLTK contained a regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a denial of service. CVE-2021-3842, CVE-2021-43854...

CVSS 7.5, AI score 5.8, EPSS 0.02668
Exploits: 2, References: 3

OpenVAS
added 2025/03/24 12:0 a.m., 14 views

Ubuntu: Security Advisory (USN-7365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.5, EPSS 0.02668
Exploits: 2, References: 2

OSV
added 2025/03/17 9:30 p.m., 4 views

GHSA-3RW8-4XRQ-3F7P Duplicate Advisory: Uptime Kuma ReDoS vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hx7h-9vf7-5xhg. This link is maintained to preserve external references. Original Description Uptime Kuma == 1.23.0 has a ReDoS vulnerability, specifically when an administrator creates a notification through th...

CVSS 6.9, AI score 6.1, EPSS 0.00344
Exploits: 0, References: 5

OSV
added 2025/03/17 7:15 p.m., 4 views

CVE-2025-26042

Uptime Kuma == 1.23.0 has a ReDoS vulnerability, specifically when an administrator creates a notification through the web service. If a string is provided it triggers catastrophic backtracking in the regular expression, leading to a ReDoS attack...

CVSS 6, AI score 5.9
Exploits: 0, References: 3

Cvelist
added 2025/03/17 12:0 a.m., 10 views

CVE-2025-26042

Uptime Kuma == 1.23.0 has a ReDoS vulnerability, specifically when an administrator creates a notification through the web service. If a string is provided it triggers catastrophic backtracking in the regular expression, leading to a ReDoS attack...

EPSS 0.00344
Exploits: 0, References: 3