6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-26271
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific...
Security Bulletin: IBM Sterling Global Mailbox is vulnerable to denial of service due to CKeditor WYSIWYG editor (CVE-2021-26271, CVE-2021-26272)
Summary CKeditor WYSIWYG editor is shipped with IBM Sterling Global Mailbox. Denial of service vulnerabilities impact CKeditor WYSIWYG editor. Remediation is available for the issues. Vulnerability Details CVEID: CVE-2021-26271 DESCRIPTION: CKEditor is vulnerable to a denial of service, caused by...
Security Bulletin: IBM API Connect is impacted by vulnerabilities in Drupal CKEditor (CVE-2021-26271, CVE-2021-26272)
Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2021-26271 DESCRIPTION: CKEditor is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the Advanced Tab for Dialogs plugin. By persuading a victim t...
CKEditor 4.0 < 4.16 Multiple ReDoS Vulnerabilities - Windows
CKEditor is prone to multiple regular expression denial of service ReDoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...
CKEditor 4.0 < 4.16 Multiple ReDoS Vulnerabilities - Linux
CKEditor is prone to multiple regular expression denial of service ReDoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...
CVE-2021-26271
CVE-2021-26271 affects CKEditor 4 before 4.16. An attacker could trigger a ReDoS-type DoS by persuading a victim to paste crafted text into the Styles input of dialogs (Advanced Tab in the Dialogs plugin). Affected versions are CKEditor 4.x prior to 4.16; remediation is to upgrade to 4.16 or newe...