3332 matches found
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in scaffold-helper v1.2.0 when copying crafted invalid files...
CVE-2021-40899
A Regular Expression Denial of Service ReDOS vulnerability was discovered in repo-git-downloader v0.1.1 when downloading crafted invalid git repositories...
CVE-2021-40899
CVE-2021-40899 : A ReDOS (Regular Expression Denial of Service) vulnerability exists in the open-source tool repo-git-downloader v0.1.1 when downloading crafted invalid Git repositories. The issue stems from improper regular expressions used in the code path handling repository URLs, enabling att...
CVE-2021-40898
CVE-2021-40898 affects scaffold-helper v1.2.0, where copying crafted invalid files triggers a Regular Expression Denial of Service (ReDoS). The issue stems from inefficient/insufficient checks in the regex paths used by getProcessedPath or getDynamicFilename during copy operations, enabling poten...
CVE-2021-40897
A Regular Expression Denial of Service ReDOS vulnerability was discovered in split-html-to-chars v1.0.5 when splitting crafted invalid htmls...
CVE-2021-40896
A Regular Expression Denial of Service ReDOS vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in todo-regex v0.1.1 when matching crafted invalid TODO statements...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in split-html-to-chars v1.0.5 when splitting crafted invalid htmls...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails...
CVE-2021-40897
CVE-2021-40897 affects split-html-to-chars v1.0.5. A Regular Expression Denial of Service (ReDOS) vulnerability arises from inefficient patterns in the Splitter when processing crafted invalid HTML, leading to potential denial of service. Public references describe the issue in index.js and relat...
CVE-2021-40896
CVE-2021-40896 affects that-value v0.1.3, with a Regular Expression Denial of Service when validating crafted invalid emails. Affected component: that-value (Python/JS validator package as per sources). Root cause: ReDOS vulnerability described in multiple entries (NVD/Red Hat/CNVD) as a flaw in ...
CVE-2021-40896
A Regular Expression Denial of Service ReDOS vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails...
CVE-2021-40895
CVE-2021-40895 affects todo-regex v0.1.1 and is a Regular Expression Denial of Service (ReDOS) vulnerability triggered by crafted invalid TODO statements. Impact is denial of service; no exploit details provided beyond this. Remediation suggestion found in PT-2022-11323: for v0.1.1, update to a n...
CVE-2021-40894
A Regular Expression Denial of Service ReDOS vulnerability was discovered in underscore-99xp v1.7.2 when the deepValueSearch function is called...
CVE-2021-40894
CVE-2021-40894 affects underscore-99xp v1.7.2, where the deepValueSearch function can trigger a Regular Expression Denial of Service (ReDOS). Multiple sources (CNVD, NVD, Veracode, CNVD Chinese entry) describe a vulnerability in the deepValueSearch path that could lead to denial of service. The i...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-data v0.1.1 when validating crafted invalid emails...
CVE-2021-40893
CVE-2021-40893 describes a ReDOS vulnerability in the Node.js library validate-data v0.1.1 triggered while validating crafted invalid emails. Root cause: improper handling during email validation leads to excessive backtracking. Impact: potential Denial of Service. Affected component: validate-da...
CVE-2021-40893
A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-data v0.1.1 when validating crafted invalid emails...
CVE-2021-40892
A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgba strings...
Denial of service
A Regular Expression Denial of Service ReDOS vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgba strings...