Lucene search
K

30 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.26 views

PT-2026-47240

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local...

4.8CVSS4.8AI score0.00113EPSS
Exploits0References8
Redos
Redos
added 2026/04/10 12:0 a.m.9 views

ROS-20260410-73-0011

Vulnerability in libssh related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.5CVSS6.4AI score0.00223EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/31 8:1 a.m.4 views

Libssh: libssh: denial of service via inefficient regular expression processing

...

5.5CVSS5.8AI score0.00223EPSS
Exploits0
NVD
NVD
added 2026/03/09 8:16 p.m.3 views

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

7.5CVSS0.00339EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 12:0 a.m.18 views

CVE-2025-70034

The CVE-2025-70034 issue affects mscdex ssh2 (v1.17.0). Root cause: CWE-1333 (Inefficient Regular Expression Complexity) that can cause a Denial of Service by specially crafted input, leading to unresponsiveness in the affected component. Documented impact is remote DoS with network access; no ex...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/03/09 12:0 a.m.7 views

CVE-2025-70030

CVE-2025-70030 affects Sunbird-Ed SunbirdEd-portal v1.13.4. The issue is CWE-1333: Inefficient Regular Expression Complexity, caused by complex regexes in the portal that can lead to performance degradation (absence of confidentiality/integrity impact, but availability impact is high). The CVSSv3...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/02/26 6:23 p.m.7 views

CVE-2026-26936

Inefficient Regular Expression Complexity CWE-1333 in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup CAPEC-492...

7.5CVSS0.00325EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/07/07 12:30 p.m.13 views

Transformers vulnerable to ReDoS attack through its SETTING_RE variable

A Regular Expression Denial of Service ReDoS vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due to inefficient regular expression complexity in the SETTINGRE variable within the transformers/commands/chat.py file. The...

7.5CVSS4.9AI score0.0043EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/02 12:0 a.m.5 views

The vulnerability of the CGI Gem software lies in the use of regular expressions with inefficient computational complexity, which allows attackers to trigger a service failure.

The vulnerability of the CGI Gem software lies in the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability allows an attacker operating remotely to cause service interruptions...

7.8CVSS6.3AI score0.00702EPSS
Exploits0References8Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.6 views

The vulnerability of software for automating the creation, publication, and distribution of reports and documents in IBM Engineering Lifecycle Optimization – Publishing (PUB) lies in the use of a regular expression with inefficient computational complexity, allowing an attacker to trigger a service failure.

The vulnerability of software for automating the creation, publication, and distribution of reports and documents in IBM Engineering Lifecycle Optimization – Publishing PUB is related to the use of regular expressions with inefficient computational complexity. Exploiting this vulnerability can...

7.8CVSS5.5AI score0.00461EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.7 views

The vulnerability of the micromatch library lies in the inefficient complexity of regular expressions, allowing attackers to trigger a service failure.

The vulnerability of the micromatch library is related to the inefficient complexity of regular expressions. Exploiting this vulnerability could allow a remote attacker to cause service failures...

5.3CVSS6.4AI score0.01429EPSS
Exploits1References11Affected Software14
Veracode
Veracode
added 2024/11/11 3:14 a.m.7 views

Regular Expression Denial Of Service (ReDoS)

nope-validator is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expressions, which allow for ReDoS attacks...

8.7CVSS7.1AI score0.00435EPSS
Exploits0
Veracode
Veracode
added 2024/11/08 10:40 a.m.16 views

Regular Expression Denial Of Service (ReDoS)

Foundation is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to the use of inefficient or poorly optimized regular expressions, allows an attacker for excessive backtracking, which can be exploited in a ReDoS attack to overwhelm the system with resource-intensi...

8.7CVSS7AI score0.00513EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2024/11/08 10:9 a.m.10 views

Regular Expression Denial Of Service (ReDoS)

commonregex is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to the use of inefficient regular expressions that can be exploited to consume excessive computational resources, leading to a denial of service. As of the time of publication, no known patches are...

8.7CVSS7AI score0.0046EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2024/04/23 5:18 p.m.2 views

python-django: Denial-of-service possibility in django.utils.text.Truncator

An inefficient regular expression complexity was found in Django. The text truncator regular expressions exhibit linear backtracking complexity, which can be slow, leading to a potential denial of service, given certain HTML inputs...

7.5CVSS7AI score0.01236EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/09/05 12:0 a.m.6 views

The vulnerability of the angular.copy() function in the application design environment and the Angular development platform allows a attacker to trigger a service failure.

The vulnerability of the angular.copy function in the application and platform development environment for one-page applications related to Angular involves the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause...

5.3CVSS6.5AI score0.01695EPSS
Exploits1References8Affected Software2
CNNVD
CNNVD
added 2023/01/07 12:0 a.m.5 views

Terminal Kit 安全漏洞

Terminal Kit is a command line tool for Node.js. A security vulnerability exists in Terminal Kit versions prior to 2.1.8, which stems from an unknown feature that operates to cause inefficient regular expression complexity...

7.5CVSS5.5AI score0.00938EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/05 12:0 a.m.6 views

vercel ms 安全漏洞

vercel ms is tiny millisecond conversion utility program. A security vulnerability exists in vercel ms versions prior to 2.0.0, which stems from a problem with the function parsing of the file index.js, where manipulation of the parameter str can lead to inefficient regular expression complexity...

5.3CVSS5.6AI score0.00981EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/12/27 12:0 a.m.5 views

PT-2022-7809 · Unknown · Markdown-It

Name of the Vulnerable Software and Affected Versions: markdown-it versions up to 2.x Description: A vulnerability was found in markdown-it, classified as problematic. It affects an unknown function of the file lib/common/html re.js, leading to inefficient regular expression complexity. Upgrading...

7.5CVSS4.5AI score0.00946EPSS
Exploits0References13
Cvelist
Cvelist
added 2022/12/23 11:3 p.m.17 views

CVE-2020-26302

is.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. is.js uses a regex copy-pasted from a gist to validate URLs. Trying to validate a malicious string can cause the regex to...

7.5CVSS7.5AI score0.00866EPSS
Exploits1References2
Rows per page
Query Builder