Regular Expression Denial of Service
Overview: Affected versions of diff are vulnerable to Regular Expression Denial of Service (ReDoS). This can cause an impact of about 10 seconds matching time for data 48K characters long. Recommendation: Upgrade to 3.5.0 or later. References: WhiteSource Advisory - Snyk Advisory - GitHub Advisory...
Regular Expression Denial of Service
Overview: In affected versions of @ckeditor/ckeditor5-markdown-gfm, a regular expression denial of service (ReDoS) vulnerability has been discovered. Impact: The vulnerability allowed abuse of a link recognition regular expression, which could cause a significant performance drop resulting in a browse...
Regular Expression Denial Of Service (ReDoS)
@progfay/scrapbox-parser is vulnerable to Regular Expression Denial Of Service. An insecure regex allows an attacker to crash the application via a malicious URL...
Regular Expression Denial of Service
Overview: The GitHub Security Lab team has identified potential security vulnerabilities in jquery-validation. The project contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). Recommendation: Upgrade to fixed version 1.19.3 or later. References: -...
CVE-2021-27405
A ReDoS (regular expression denial of service) flaw was found in the @progfay/scrapbox-parser package before 6.0.3 for Node.js...
Design/Logic Flaw
A ReDoS (regular expression denial of service) flaw was found in the @progfay/scrapbox-parser package before 6.0.3 for Node.js...
Regular Expression Denial Of Service (ReDoS)
three is vulnerable to regular expression denial of service. The use of an insecure regex in the setStyle function in color.js allows an attacker to cause excessive consumption of CPU resources, potentially resulting in an application crash...
CVE-2021-27405
CVE-2021-27405 affects the Node.js package "@progfay/scrapbox-parser" before version 6.0.3 (also 7.0.2 in some advisories). The root cause is a Regular Expression Denial of Service (ReDoS) in DecorationNode, StrongNode and ExternalLinkNode that can be triggered by crafted input, causing high CPU ...
Regular Expression Denial Of Service (ReDoS)
prismjs is vulnerable to Regular Expression Denial Of Service (ReDoS). An attacker is able to crash the system by submitting a malicious string via the prism-asciidoc, prism-rest, prism-tap, prism-batch and prism-eiffel components...
CVE-2021-23341
A flaw was found in nodejs-prismjs. A Regular Expression Denial of Service (ReDoS) is possible via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
CVE-2021-23341
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
DEBIAN-CVE-2021-23341
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
Design/Logic Flaw
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
CVE-2021-23341
CVE-2021-23341: PrismJS before 1.23.0 is vulnerable to a Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap, and prism-eiffel components. Connected advisories/tracking confirm the affected package and remediation guidance. Remediation: upgrade PrismJS to v...
CVE-2021-23341 Regular Expression Denial of Service (ReDoS)
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
CVE-2021-21317
uap-core is an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service (ReDoS) due to overlapping capture groups. This allows remote attackers to...