UBUNTU-CVE-2021-26271

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs in the Advanced Tab for Dialogs plugin...

CVE-2021-26272

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space in the Autolink plugin...

CVE-2021-26272

CVE-2021-26272 is a ReDoS in CKEditor 4 Autolink: by pasting crafted URL-like text and pressing Enter/Space, a victim can trigger a denial-of-service. The publicly documented detail confirms CKEditor 4.x up to before 4.16 is affected; remediation is to upgrade to CKEditor 4.16+ or apply a fix as ...

CVE-2021-26272

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space in the Autolink plugin...

CVE-2021-26271

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs in the Advanced Tab for Dialogs plugin...

CVE-2021-26271

CVE-2021-26271 affects CKEditor 4 before 4.16. An attacker could trigger a ReDoS-type DoS by persuading a victim to paste crafted text into the Styles input of dialogs (Advanced Tab in the Dialogs plugin). Affected versions are CKEditor 4.x prior to 4.16; remediation is to upgrade to 4.16 or newe...

CVE-2021-26271

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs in the Advanced Tab for Dialogs plugin...

CKEditor Security Vulnerabilities

CKEditor is an open source, web-based text editor. A security vulnerability exists in CKEditor prior to CKEditor 4.16, which allows redos-type attacks to be executed in CKEditor 4 by inducing a victim to paste carefully crafted text into the styled input of a specific dialog box...

Regular Expression Denial Of Service (ReDoS)

glob-parent is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists as the enclosure regex used to check for strings ending in enclosure containing path separator has an unescaped exclamation mark...

Regular Expression Denial Of Service (ReDoS)

jquery-validation is vulnerable to regular expression denial of service. An insecure use of a regular expression to parse URLs allows an attacker to cause a denial of service condition via a malicious URL...

CVE-2021-21252

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS Regular Expression Denial of Service. This is fixe...

CVE-2021-21252

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS Regular Expression Denial of Service. This is fixe...

Input validation

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS Regular Expression Denial of Service. This is fixe...

CVE-2021-21252

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS Regular Expression Denial of Service. This is fixe...

Regular Expression Denial Of Service (ReDoS)

codemirror is vulnerable to regular expression denial of service. An attacker is able to cause a denial of service condition through the submission of a malicious token...

CVE-2021-21252

CVE-2021-21252 affects the jquery-validation (jquery-validation) package. It is a ReDoS (Regular Expression Denial of Service) in Regular Expressions used by the plugin prior to version 1.19.3. The issue is fixed in 1.19.3. Public sources in the connected docs (NVD, GitHub advisory GHSA-jxwx-85vp...

CVE-2021-21252 Regular expression denial of service in jquery-validation

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS Regular Expression Denial of Service. This is fixe...

CVE-2021-21252

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS Regular Expression Denial of Service. This is fixe...

Regular Expression Denial Of Service (ReDoS)

tinymce is vulnerable to regular expression denial of service. The vulnerability allows malicious ruby code samples to cause a denial of service condition in the browser while performing syntax highlighting...

GHSA-H96F-FC7C-9R55 Regex denial of service vulnerability in codesample plugin

Impact A regex denial of service ReDoS vulnerability was discovered in a dependency of the codesample plugin. The vulnerability allowed poorly formed ruby code samples to lock up the browser while performing syntax highlighting. This impacts users of the codesample plugin using TinyMCE 5.5.1 or...