CVE-2020-26303

insane is a whitelist-oriented HTML sanitizer. Versions 2.6.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are available...

CVE-2020-26311 GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent

Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...

CVE-2020-26311

The CVE-2020-26311 entry concerns the Node.js Useragent parser. The connected sources confirm a Regular Expression Denial of Service (ReDoS) vulnerability caused by one or more part-regular expressions within the useragent package, affecting all versions at the time of publication. The impact is ...

CVE-2020-26310 GHSL-2020-305: Regular Expression Denial of Service (ReDoS) in Pure JavaScript HTML5 Parser

Validate.js provides a declarative way of validating javascript objects. All versions as of 30 November 2020 contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, it is unknown if any patches are available...

CVE-2020-26310

CVE-2020-26310 affects Validate.js; all versions as of 30 November 2020 are vulnerable to Regular Expression Denial of Service (ReDoS). Connected sources confirm a CVSS base score of 8.7 ( HIGH ), AV:N/AC:L/AT:N/PR:N/UI:N/VI:N/SC:N/VA:H, with potential impact on availability and negligible impact...

CVE-2020-26309

CVE-2020-26309 concerns the Nope-validator (Validate.js) library. Versions 0.11.3 and earlier contain one or more regular expressions vulnerable to Regular Expression Denial of Service (ReDoS). Documented sources indicate this is a high-severity issue (CVSS-like: HIGH) with potential network expo...

CVE-2020-26309 GHSL-2020-303: Regular Expression Denial of Service (ReDoS) in nope-validator

Validate.js provides a declarative way of validating javascript objects. Versions 0.11.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, it is unknown if any patches are available...

CVE-2020-26309 GHSL-2020-303: Regular Expression Denial of Service (ReDoS) in nope-validator

Validate.js provides a declarative way of validating javascript objects. Versions 0.11.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, it is unknown if any patches are available...

CVE-2020-26308 GHSL-2020-302: Regular Expression Denial of Service (ReDoS) in validate.js

Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are available...

CVE-2020-26307 GHSL-2020-301: Regular Expression Denial of Service (ReDoS) in HTML2Markdown

HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are available...

CVE-2020-26307

HTML2Markdown (JavaScript) is vulnerable to Regular Expression Denial of Service (ReDoS) across all versions. The root cause is improperly crafted regular expressions used during HTML to Markdown conversion. As of publication, there are no patches available. Connected sources corroborate a ReDoS ...

CVE-2020-26307 GHSL-2020-301: Regular Expression Denial of Service (ReDoS) in HTML2Markdown

HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are available...

CVE-2020-26306 GHSL-2020-296: Regular Expression Denial of Service (ReDoS) in Knwl.js

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are...

CVE-2020-26306 GHSL-2020-296: Regular Expression Denial of Service (ReDoS) in Knwl.js

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are...

CVE-2020-26306

Knwl.js (JavaScript) versions 1.0.2 and earlier are vulnerable to Regular Expression Denial of Service (ReDoS) due to inefficient regular expressions. No patches were available at the time of publication. The issue affects text parsing of dates, times, phone numbers, emails, and locations; exploi...

CVE-2020-26305 GHSL-2020-291: Regular Expression Denial of Service (ReDoS) in CommonRegexJS

CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are available...

CVE-2020-26305 GHSL-2020-291: Regular Expression Denial of Service (ReDoS) in CommonRegexJS

CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are available...

CVE-2020-26305

CVE-2020-26305 concerns the CommonRegexJS library (a CommonRegex port for JavaScript). Multiple connected sources confirm that all available versions are affected by Regular Expression Denial of Service (ReDoS) due to inefficient or vulnerable regular expressions used by the library. The underlyi...

CVE-2020-26304 GHSL-2020-290: Regular Expression Denial of Service (ReDoS) in foundation-sites

Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, it is unknown if any fixes are available...

CVE-2020-26304

CVE-2020-26304 concerns the Foundation (foundation-sites) front-end framework. Multiple connected sources confirm that versions ≤ 6.3.3 contain one or more vulnerable regular expressions that can be exploited for Regular Expression Denial of Service (ReDoS). The root cause is the presence of inef...