Lucene search
K

12 matches found

NVD
NVD
added 2026/06/11 5:16 p.m.18 views

CVE-2026-44496

Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...

7.5CVSS0.00645EPSS
Exploits1References28
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29580

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.02448EPSS
Exploits0References8
Prion
Prion
added 2022/03/16 5:15 p.m.56 views

Input validation

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the dialog plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a brows...

5CVSS7.2AI score0.02448EPSS
Exploits0References6Affected Software9
OSV
OSV
added 2022/03/16 12:0 a.m.28 views

CVE-2022-24729 Regular expression Denial of Service in dialog plugin

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the dialog plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a brows...

6.5CVSS6.5AI score0.02448EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2022/03/16 12:0 a.m.64 views

CVE-2022-24729

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the dialog plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a brows...

7.5CVSS6.5AI score0.02448EPSS
Exploits0
NVD
NVD
added 2021/04/29 1:15 a.m.19 views

CVE-2021-21391

CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal audit, a regular...

6.5CVSS0.01667EPSS
Exploits0References9
Prion
Prion
added 2021/04/29 1:15 a.m.12 views

Denial of service

CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal audit, a regular...

4.3CVSS6.3AI score0.01667EPSS
Exploits0References9Affected Software8
OSV
OSV
added 2021/04/29 1:15 a.m.17 views

UBUNTU-CVE-2021-21391

CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal audit, a regular...

6.5CVSS6.5AI score0.01667EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2021/04/29 12:20 a.m.19 views

CVE-2021-21391

Removed by vendor...

6.5CVSS6.5AI score0.01667EPSS
Exploits0
OSV
OSV
added 2021/01/29 10:15 p.m.20 views

CVE-2021-21254

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...

6.5CVSS6.3AI score
Exploits0References3
Cvelist
Cvelist
added 2021/01/29 9:55 p.m.23 views

CVE-2021-21254 Regular expression Denial of Service in Markdown plugin

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...

6.5CVSS6.5AI score0.01792EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/01/29 12:0 a.m.5 views

PT-2021-14364 · Ckeditor · Ckeditor 5 Markdown Plugin

Name of the Vulnerable Software and Affected Versions: CKEditor 5 Markdown plugin versions prior to 25.0.0 Description: The CKEditor 5 Markdown plugin has a regex denial of service ReDoS vulnerability. This vulnerability allows the abuse of link recognition regular expressions, which could cause ...

6.5CVSS6.3AI score0.01792EPSS
Exploits0References10
Rows per page
Query Builder