1033 matches found

Veracode
added 2021/04/26 9:56 a.m. · 21 views

Regular Expression Denial Of Service (ReDoS)

redis is vulnerable to regular expression denial of service. The vulnerability exists due to exponential backtracking on some strings when a client is in monitoring mode...

7.5 CVSS · 3.6 AI score · 0.00926 EPSS
Exploits 0 · References 4 · Affected Software 2

OSV
added 2021/04/23 6:15 p.m. · 22 views

CVE-2021-29469

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...

7.5 CVSS · 7.2 AI score
Exploits 0 · References 4

OSV
added 2021/04/23 6:15 p.m. · 1 views

DEBIAN-CVE-2021-29469

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...

7.5 CVSS · 7 AI score · 0.00926 EPSS
Exploits 0 · References 1

OSV
added 2021/04/23 6:15 p.m. · 8 views

UBUNTU-CVE-2021-29469

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...

7.5 CVSS · 6.9 AI score · 0.00926 EPSS
Exploits 0 · References 6

CNNVD
added 2021/04/23 12:00 a.m. · 4 views

node-redis security vulnerability

node-redis is a software application. A high-performance Node.js Redis client. A security vulnerability exists in node-redis, which stems from the fact that when the client is in monitor mode, the start of a regex used to detect monitor messages may result in exponential backtracking of certain...

7.5 CVSS · 7 AI score · 0.00926 EPSS
Exploits 0 · References 6

Positive Technologies
added 2021/04/23 12:00 a.m. · 3 views

PT-2021-18237 · Unknown · Node-Redis

Name of the Vulnerable Software and Affected Versions: Node-redis versions prior to 3.1.1. Description: The issue is related to the regex used to detect monitor messages when a client is in monitoring mode, which could cause exponential backtracking on some strings, leading to a denial of service...

7.5 CVSS · 6.6 AI score · 0.00926 EPSS
Exploits 0 · References 13

OpenVAS
added 2021/04/19 12:00 a.m. · 20 views

SUSE: Security Advisory (SUSE-SU-2018:3554-2)

The remote host is missing an update for the...

9.8 CVSS · 7.1 AI score · 0.26492 EPSS
Exploits 2 · References 7

OSV
added 2021/03/29 4:35 p.m. · 0 views

GHSA-9HX2-HGQ2-2G4F Regular Expression Denial of Service (ReDoS) in Pillow

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex...

6.9 CVSS · 6.8 AI score · 0.00182 EPSS
Exploits 0 · References 9

OSV
added 2021/03/19 4:15 a.m. · 1 views

DEBIAN-CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex...

6.5 CVSS · 6.9 AI score · 0.00182 EPSS
Exploits 0 · References 1

PyPA
added 2021/03/19 4:15 a.m. · 4 views

PYSEC-2021-38

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex...

6.5 CVSS · 7 AI score · 0.00182 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2021/03/19 4:15 a.m. · 0 views

PYSEC-2021-38

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex...

6.5 CVSS · 5.8 AI score · 0.00182 EPSS
Exploits 0 · References 2

Debian CVE
added 2021/03/19 3:30 a.m. · 30 views

CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex...

6.5 CVSS · 6.2 AI score · 0.00182 EPSS
Exploits 0

Vaadin
added 2021/03/11 12:00 a.m. · 25 views

Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17

Unsafe validation RegEx in EmailField component in com.vaadin:vaadin-text-field-flow versions 2.0.4 through 2.3.2 (Vaadin 14.0.6 through 14.4.3), and 3.0.0 through 4.0.2 (Vaadin 15.0.0 through 17.0.10) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses...

7.5 CVSS · 0.6 AI score · 0.00468 EPSS
Exploits 0 · References 2 · Affected Software 2

ATTACKERKB
added 2021/03/04 4:50 p.m. · 2 views

CVE-2021-23346

This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...

5.3 CVSS · 5.4 AI score · 0.00748 EPSS
Exploits 1 · References 7

CNNVD
added 2021/03/04 12:00 a.m. · 2 views

html-parse-stringify security vulnerability

Henrik Joreteg html-parse-stringify is an open source application by Henrik Joreteg. It provides a way to quickly parse HTML into an AST and stringify it to a raw string. A security vulnerability exists in html-parse-stringify before 2.0.1, which stems from the fact that sending certain inputs ma...

5.3 CVSS · 6.8 AI score · 0.00748 EPSS
Exploits 1 · References 8

UbuntuCve
added 2021/03/03 12:00 a.m. · 28 views

CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex...

6.5 CVSS · 6.8 AI score · 0.00182 EPSS
Exploits 0 · References 3

OSV
added 2021/03/03 12:00 a.m. · 0 views

UBUNTU-CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex...

6.5 CVSS · 6.8 AI score · 0.00182 EPSS
Exploits 0 · References 4

UbuntuCve
added 2021/03/03 12:00 a.m. · 18 views

CVE-2021-252892

The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack...

5.9 AI score
Exploits 0 · References 2

Snyk
added 2021/03/01 4:46 p.m. · 1 views

Regular Expression Denial of Service (ReDoS)

Overview: html-parse-stringify2 is a fork of html-parse-stringify. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...

5.3 CVSS · 6.7 AI score · 0.00748 EPSS
Exploits 1 · References 2

OSV
added 2021/02/25 5:43 p.m. · 6 views

SUSE-SU-2021:0607-1 Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...

5.3 CVSS · 5.6 AI score · 0.00207 EPSS
Exploits 1 · References 3