30 matches found
PT-2026-47240
A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local...
ROS-20260410-73-0011
Vulnerability in libssh related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Libssh: libssh: denial of service via inefficient regular expression processing
...
CVE-2025-70030
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
CVE-2025-70030
CVE-2025-70030 affects Sunbird-Ed SunbirdEd-portal v1.13.4. The issue is CWE-1333: Inefficient Regular Expression Complexity, caused by complex regexes in the portal that can lead to performance degradation (absence of confidentiality/integrity impact, but availability impact is high). The CVSSv3...
CVE-2025-70034
The CVE-2025-70034 issue affects mscdex ssh2 (v1.17.0). Root cause: CWE-1333 (Inefficient Regular Expression Complexity) that can cause a Denial of Service by specially crafted input, leading to unresponsiveness in the affected component. Documented impact is remote DoS with network access; no ex...
CVE-2026-26936
Inefficient Regular Expression Complexity CWE-1333 in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup CAPEC-492...
Transformers vulnerable to ReDoS attack through its SETTING_RE variable
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due to inefficient regular expression complexity in the SETTINGRE variable within the transformers/commands/chat.py file. The...
The vulnerability of the CGI Gem software lies in the use of regular expressions with inefficient computational complexity, which allows attackers to trigger a service failure.
The vulnerability of the CGI Gem software lies in the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability allows an attacker operating remotely to cause service interruptions...
The vulnerability of software for automating the creation, publication, and distribution of reports and documents in IBM Engineering Lifecycle Optimization – Publishing (PUB) lies in the use of a regular expression with inefficient computational complexity, allowing an attacker to trigger a service failure.
The vulnerability of software for automating the creation, publication, and distribution of reports and documents in IBM Engineering Lifecycle Optimization – Publishing PUB is related to the use of regular expressions with inefficient computational complexity. Exploiting this vulnerability can...
The vulnerability of the micromatch library lies in the inefficient complexity of regular expressions, allowing attackers to trigger a service failure.
The vulnerability of the micromatch library is related to the inefficient complexity of regular expressions. Exploiting this vulnerability could allow a remote attacker to cause service failures...
Regular Expression Denial Of Service (ReDoS)
nope-validator is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expressions, which allow for ReDoS attacks...
Regular Expression Denial Of Service (ReDoS)
Foundation is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to the use of inefficient or poorly optimized regular expressions, allows an attacker for excessive backtracking, which can be exploited in a ReDoS attack to overwhelm the system with resource-intensi...
Regular Expression Denial Of Service (ReDoS)
commonregex is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to the use of inefficient regular expressions that can be exploited to consume excessive computational resources, leading to a denial of service. As of the time of publication, no known patches are...
python-django: Denial-of-service possibility in django.utils.text.Truncator
An inefficient regular expression complexity was found in Django. The text truncator regular expressions exhibit linear backtracking complexity, which can be slow, leading to a potential denial of service, given certain HTML inputs...
The vulnerability of the angular.copy() function in the application design environment and the Angular development platform allows a attacker to trigger a service failure.
The vulnerability of the angular.copy function in the application and platform development environment for one-page applications related to Angular involves the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause...
Terminal Kit 安全漏洞
Terminal Kit is a command line tool for Node.js. A security vulnerability exists in Terminal Kit versions prior to 2.1.8, which stems from an unknown feature that operates to cause inefficient regular expression complexity...
vercel ms 安全漏洞
vercel ms is tiny millisecond conversion utility program. A security vulnerability exists in vercel ms versions prior to 2.0.0, which stems from a problem with the function parsing of the file index.js, where manipulation of the parameter str can lead to inefficient regular expression complexity...
PT-2022-7809 · Unknown · Markdown-It
Name of the Vulnerable Software and Affected Versions: markdown-it versions up to 2.x Description: A vulnerability was found in markdown-it, classified as problematic. It affects an unknown function of the file lib/common/html re.js, leading to inefficient regular expression complexity. Upgrading...
CVE-2020-26302
is.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. is.js uses a regex copy-pasted from a gist to validate URLs. Trying to validate a malicious string can cause the regex to...