3332 matches found
CVE-2021-23353
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function...
Design/Logic Flaw
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function...
CVE-2021-23353
The CVE-2021-23353 entry concerns jspdf before version 2.3.1, where a Regular Expression Denial of Service (ReDoS) is possible via the addImage function. Multiple sources (NVD, Node.js advisory, GitHub advisory, OSV, Veracode, CVE list) confirm the affected component and the vulnerability class. ...
CVE-2021-23353 Regular Expression Denial of Service (ReDoS)
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function...
LukasHolländer jsPDF security vulnerability
LukasHolländer jsPDF is an open source application that provides a library to generate PDF using JavaScript. A security vulnerability exists in jspdf before 2.3.1, which stems from the fact that ReDoS can be implemented via an additional function...
Python -- multiple vulnerabilities
Python reports: bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect calls. Patch by Erlend E. Aasland. bpo-43882: The presence of newline or tab characters in parts of a URL could allow some...
Regular Expression Denial Of Service (ReDoS)
html-parse-stringify2 is vulnerable to regular expression denial of service (ReDoS). The vulnerability exists through the regular expression of tagRE, where parsing strings with multiple ' and " can consume a huge amount of CPU resources...
CVE-2021-23346 Regular Expression Denial of Service (ReDoS)
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...
Regular Expression Denial-of-Service (ReDoS)
pillow is vulnerable to regular expression denial of service. Usage of an insecure regex allows an attacker to cause excessive CPU consumption when parsing a malicious PDF file...
Regular Expression Denial-of-Service (ReDoS)
activerecord is vulnerable to regular expression denial of service. The insecure regex used to validate the money type of the PostgreSQL adapter results in long periods of processing and allows an attacker to potentially crash the application via a malicious string...
GHSA-8HC4-XXM3-5PPP Active Record subject to Regular Expression Denial-of-Service (ReDoS)
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (ReDoS) vulnerability. Carefully crafted input can cause the input validation in the money type of the PostgreSQL adapter in Active Record to spend too much time in a regular...
Regular Expression Denial of Service
Overview: prismjs versions before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components. Recommendation: Upgrade to version 1.23.0 or later. References: Snyk Advisory, GitHub Advisory, CVE...
Denial of service in prismjs
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
GHSA-H4HR-7FG3-H35W Denial of service in prismjs
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
SUSE-SU-2021:0654-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Fixed a ReDoS vulnerability where urlize could have been called with untrusted user data bsc1181944...
Regular Expression Denial Of Service (ReDoS)
nwmatcher is vulnerable to regular expression denial of service. The use of multiple repeated instances of the "\s" in regular expression Patterns allows an attacker to crash the application via a malicious string...
Regular Expression Denial of Service
Overview: Affected versions of nwmatcher are vulnerable to Regular Expression Denial of Service (ReDoS). This can cause an impact of about 10 seconds matching time for data 2k characters long. Recommendation: Upgrade to version 1.4.4 or later. References: WhiteSource Advisory, Snyk Advisory, GitHub...
Regular Expression Denial of Service
A flaw was found in nodejs-marked versions from 0.5.0 to before 0.6.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). Input to the host variable is vulnerable when input contains parentheses in link URIs, coupled with a high number of link tokens i...
GHSA-7M7Q-Q53V-J47V Regular Expression Denial of Service
A flaw was found in nodejs-marked versions from 0.5.0 to before 0.6.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). Input to the host variable is vulnerable when input contains parentheses in link URIs, coupled with a high number of link tokens i...