Lucene search
K

111 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:32 a.m.3 views

SUSE CVE-2022-2596

Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...

5.9CVSS6.4AI score0.01104EPSS
Exploits1References3
Prion
Prion
added 2023/02/12 9:15 p.m.20 views

Information disclosure

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function isheader of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

5CVSS7.6AI score0.0092EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2023/02/12 8:31 p.m.56 views

CVE-2020-36661

CVE-2020-36661 affects Kong lua-multipart 0.5.8-1. The vulnerability resides in the is_header function in src/multipart.lua, causing inefficient regular expression complexity (redos). The issue has a stated fix: upgrade to version 0.5.9-1, with the patch identified as d632e5df43a2928fd537784a99a7...

7.5CVSS5.6AI score0.0092EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.6 views

simple-markdown 安全漏洞

Khan Academy simple-markdown is a Markdown parser. A security vulnerability exists in simple-markdown version 0.6.0. An attacker has exploited the vulnerability to reduce regular expression complexity...

7.5CVSS5.6AI score0.01097EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.7 views

lua-multipart 安全漏洞

lua-multipart is a Lua library for parsing and editing multipart/form-data data. A security vulnerability exists in Kong lua-multipart version 0.5.8-1. An attacker has exploited the vulnerability to reduce regular expression complexity...

7.5CVSS5.6AI score0.0092EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/02/12 12:0 a.m.5 views

PT-2023-11360 · Unknown · Simple-Markdown

Name of the Vulnerable Software and Affected Versions: simple-markdown version 0.6.0 Description: A problematic vulnerability was found in the simple-markdown software, affecting an unknown function of the file simple-markdown.js. The issue arises from inefficient regular expression complexity wh...

7.5CVSS7.1AI score0.01097EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2023/02/11 12:0 a.m.4 views

PT-2023-33000 · Unknown · Http-Cache-Semantics +1

Name of the Vulnerable Software and Affected Versions: http-cache-semantics versions prior to 4.1.1 cacheable-request versions prior to 10.2.7 Description: The issue is related to an Inefficient Regular Expression Complexity in http-cache-semantics, which can lead to Denial of Service. This can b...

7.5CVSS7AI score
Exploits0References5
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.3 views

mholt PapaParse 安全漏洞

mholt PapaParse is a CSV delimited text parser for individual developers. A security vulnerability exists in mholt PapaParse version 5.1.x and earlier versions. An attacker exploited the vulnerability to cause inefficient regular expression complexity...

7.5CVSS5.6AI score0.01388EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/01/11 12:0 a.m.7 views

PT-2023-10815 · Unknown · Prestaul Skeemas

Name of the Vulnerable Software and Affected Versions: Prestaul skeemas affected versions not specified Description: A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the...

7.5CVSS4.4AI score0.0091EPSS
Exploits0References9
OSV
OSV
added 2023/01/09 10:15 a.m.2 views

DEBIAN-CVE-2017-20165

A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue. T...

7.5CVSS4.4AI score0.02046EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 12:15 p.m.6 views

AZL-43849 CVE-2017-20162 affecting package nodejs-nodemon 2.0.3-4

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has...

5.3CVSS5.2AI score0.00981EPSS
Exploits1References1
OSV
OSV
added 2023/01/05 12:15 p.m.4 views

UBUNTU-CVE-2017-20162

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has...

5.3CVSS5.1AI score0.00981EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.6 views

PT-2023-12409 · Unknown · Woorank Robots-Txt-Guard

Name of the Vulnerable Software and Affected Versions: Woorank robots-txt-guard affected versions not specified Description: A vulnerability was found in the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression...

7.5CVSS4.6AI score0.00938EPSS
Exploits0References9
NVD
NVD
added 2023/01/02 8:15 a.m.16 views

CVE-2021-4299

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...

7.5CVSS5.3AI score0.00927EPSS
Exploits0References4
NVD
NVD
added 2022/12/27 9:15 a.m.12 views

CVE-2015-10005

A vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/htmlre.js. The manipulation leads to inefficient regular expression complexity. Upgrading to version 3.0.0 is able to address this issue. The name of t...

7.5CVSS0.00946EPSS
Exploits0References4
Prion
Prion
added 2022/12/27 9:15 a.m.16 views

Design/Logic Flaw

A vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/htmlre.js. The manipulation leads to inefficient regular expression complexity. Upgrading to version 3.0.0 is able to address this issue. The name of t...

5CVSS7.1AI score0.00946EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.3 views

Markdown-It 安全漏洞

Markdown-It is a Markdown parser. A security vulnerability exists in versions of Markdown-It before 2.x. An attacker exploited the vulnerability to cause an increase in the complexity of regular expressions...

7.5CVSS5.6AI score0.00946EPSS
Exploits0References5
OSV
OSV
added 2022/09/14 8:30 a.m.5 views

USN-5610-1 rust-regex vulnerability

Addison Crump discovered that rust-regex did not properly limit the complexity of the regular expressions regex it parses. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7AI score0.1446EPSS
Exploits1References2
Huntr
Huntr
added 2022/06/29 6:40 a.m.25 views

Inefficient Regular Expression Complexity potentially leads to Denial of Service in

Description Inefficient regular expression complexity of lowercase and uppercase regex could lead to a denial of service attack. With a formed payload 'a' + 'a'.repeati + 'A', only 32 characters payload could take 29443 ms time execution when testing lowercase. The same issue happens with...

5CVSS1.5AI score0.01331EPSS
Exploits1References2
OSV
OSV
added 2022/01/04 3:15 p.m.4 views

DEBIAN-CVE-2021-3842

nltk is vulnerable to Inefficient Regular Expression Complexity...

7.5CVSS7.2AI score0.01502EPSS
Exploits1References1
Rows per page
Query Builder