3332 matches found

Github Security Blog
added 2017/10/24 6:33 p.m., 23 views

Regular Expression Denial of Service in marked

Versions 0.3.3 and earlier of marked are affected by a regular expression denial of service (ReDoS) vulnerability when passed inputs that reach the em inline rule. Recommendation: Update to version 0.3.4 or later...

7.8 CVSS, 7.3 AI score, 0.04298 EPSS
Exploits 0, References 9, Affected Software 1
Github Security Blog
added 2017/10/24 6:33 p.m., 23 views

Regular Expression Denial of Service in is-my-json-valid

Versions of is-my-json-valid before 2.12.4 are vulnerable to regular expression denial of service (ReDoS) via the email validation function. Recommendation: Update to version 2.12.4 or later...

7.5 CVSS, 7.6 AI score, 0.01849 EPSS
Exploits 0, References 9, Affected Software 1
Veracode
added 2017/10/23 5:5 a.m., 62 views

Regular Expression Denial Of Service (ReDoS)

moment is vulnerable to denial of service (DoS) attacks. These attacks are possible because the regular expression that is used for matching dates takes a while for long strings...

7.5 CVSS, 7.5 AI score, 0.03673 EPSS
Exploits 0, References 4, Affected Software 3
OSV
added 2017/10/04 1:29 a.m., 28 views

CVE-2017-15010

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU...

7.5 CVSS, 6.5 AI score
Exploits 0, References 9
NVD
added 2017/10/04 1:29 a.m., 20 views

CVE-2017-15010

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU...

7.5 CVSS, 7.3 AI score, 0.03283 EPSS
Exploits 0, References 9
UbuntuCve
added 2017/10/04 1:29 a.m., 28 views

CVE-2017-15010

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU...

7.5 CVSS, 6.8 AI score, 0.03283 EPSS
Exploits 0, References 4
Prion
added 2017/10/04 1:29 a.m., 14 views

Design/Logic Flaw

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU...

5 CVSS, 7.3 AI score, 0.03283 EPSS
Exploits 0, References 9, Affected Software 1
OSV
added 2017/10/04 1:29 a.m., 0 views

UBUNTU-CVE-2017-15010

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU...

7.5 CVSS, 6.7 AI score, 0.03283 EPSS
Exploits 0, References 5
Debian CVE
added 2017/10/03 4:0 p.m., 22 views

CVE-2017-15010

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU...

7.5 CVSS, 7.4 AI score, 0.03283 EPSS
Exploits 0
Cvelist
added 2017/10/03 4:0 p.m., 30 views

CVE-2017-15010

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU...

7.3 AI score, 0.03283 EPSS
Exploits 0, References 9
CVE
added 2017/10/03 4:0 p.m., 99 views

CVE-2017-15010

CVE-2017-15010 affects the Node.js tough-cookie module prior to version 2.3.3. It is a ReDoS vulnerability where processing a specially crafted HTTP Cookie header can cause high CPU usage. Vendor advisories recommend upgrading to 2.3.3 or newer (e.g., 2.3.3+; Fedora/RH advisories mention 2.3...

7.5 CVSS, 7.2 AI score, 0.03283 EPSS
Exploits 0, References 9, Affected Software 1
Veracode
added 2017/09/27 3:18 a.m., 18 views

Regular Expression Denial Of Service (ReDoS)

fresh is vulnerable to regular expression denial of service (ReDoS). The vulnerability exists when matching multiple ETags in If-None-Match, which causes the event loop to be blocked...

7.5 CVSS, 7.4 AI score, 0.01584 EPSS
Exploits 0, References 3, Affected Software 1
Veracode
added 2017/09/26 9:49 a.m., 24 views

Regular Expression Denial Of Service (ReDoS)

mime is vulnerable to regular expression denial of service (ReDoS) attacks. The library does not restrict the type of characters that it takes in, causing the application to take a long time to process. A malicious user can use this behaviour to cause a ReDoS...

7.5 CVSS, 7.3 AI score, 0.02051 EPSS
Exploits 1, References 2, Affected Software 1
Veracode
added 2017/09/26 5:32 a.m., 18 views

Regular Expression Denial Of Service (ReDoS)

slug is vulnerable to regular expression denial of service (ReDoS) attacks. The library does not limit the type of characters that get parsed, allowing a malicious user to pass a string to the application to cause a ReDoS...

7.5 CVSS, 7.2 AI score, 0.01584 EPSS
Exploits 0, References 4, Affected Software 1
Veracode
added 2017/09/26 2:37 a.m., 16 views

Regular Expression Denial Of Service (ReDoS)

timespan is vulnerable to regular expression denial of service (ReDoS) attacks. The library does not restrict the type of characters in a timestamp before parsing it, allowing a malicious user to pass a timestamp to cause a ReDoS...

7.5 CVSS, 7.2 AI score, 0.01503 EPSS
Exploits 0, References 3, Affected Software 1
Veracode
added 2017/09/22 8:7 a.m., 19 views

Regular Expression Denial Of Service (ReDoS)

parsejson is vulnerable to regular expression denial of service (ReDoS) attacks. An attacker can pass a JSON file to the library that when parsed can cause a ReDoS...

7.5 CVSS, 7.2 AI score, 0.01508 EPSS
Exploits 1, References 2, Affected Software 1
Veracode
added 2017/09/18 6:28 a.m., 17 views

Regular Expression Denial Of Service (ReDoS)

debug is vulnerable to Regular Expression Denial Of Service (ReDoS). The regular expression used to map %o to util.inspect can take a while for long strings, hanging an application...

5.3 CVSS, 5.4 AI score, 0.02775 EPSS
Exploits 0, References 5, Affected Software 1
Veracode
added 2017/09/13 7:34 a.m., 11 views

Regular Expression Denial Of Service (ReDoS)

content is vulnerable to regular expression denial of service (ReDoS) attacks. Attackers can use malicious content-type or content-disposition headers to trigger the attack since it does not properly handle the OWS parameters in the headers...

7.5 CVSS, 7.3 AI score, 0.01116 EPSS
Exploits 0, References 2, Affected Software 1
Veracode
added 2017/09/06 6:29 a.m., 34 views

Regular Expression Denial Of Service (ReDoS) Via Parsing Cookies

tough-cookie is vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability exists because the COOKIEPAIR regular expression used to parse the cookies causes unlimited repetitions when matching input characters. By using a large cookie string, attackers can make the process...

7.5 CVSS, 7.2 AI score, 0.03283 EPSS
Exploits 0, References 10, Affected Software 1
Veracode
added 2017/09/05 9:13 p.m., 35 views

Regular Expression Denial Of Service (ReDoS)

struts2-core and xwork-core are vulnerable to regular expression denial of service (ReDoS) attacks. When the URLValidator is used, it is possible to overload the server process through an attacker-controlled URL. These attacks are the result of an incomplete fix for CVE-2017-7672...

7.5 CVSS, 7.4 AI score, 0.99461 EPSS
Exploits 23, References 8, Affected Software 2