3 matches found
Regular Expression Denial Of Service (ReDoS)
Valibot is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient processing in the EMOJIREGEX used by the emoji action, which allows an attacker to supply a crafted input that triggers excessive CPU consumption and causes a denial of service...
CVE-2025-66020 Valibot has a ReDoS vulnerability in `EMOJI_REGEX`
Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU...
PT-2023-24871 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.1 through 16.4.2 GitLab versions 16.5 through 16.5.2 GitLab versions 16.6 through 16.6.0 Description: An issue has been discovered in GitLab where a Guest user could add an emoji on confidential work items. Recommendations:...