EUVD-2024-2963

Malicious code in bioql PyPI...

CVE-2020-26306

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are...

Regular Expression Denial Of Service (ReDoS)

Knwl.js is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to the presence of inefficient regular expressions, which allow attackers to craft input that causes excessive backtracking, leading to high CPU usage and potential service disruption...

asksuite-core (>=1.0.93 <=2.32.81), machinepack-knwl (=1.0.0) potentially affected by CVE-2020-26306 via knwl.js (=1.0.2)

knwl.js NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on knwl.js and may be impacted: - asksuite-core =1.0.93, =2.32.81 - machinepack-knwl =1.0.0 Source cves: CVE-2020-26306 Source advisory: OSV:GHSA-68QG-G787-3RP5...

Knwl.js Regular Expression Denial of Service vulnerability

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are...

CVE-2020-26306

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are...

CVE-2020-26306 GHSL-2020-296: Regular Expression Denial of Service (ReDoS) in Knwl.js

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are...

CVE-2020-26306 GHSL-2020-296: Regular Expression Denial of Service (ReDoS) in Knwl.js

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are...

CVE-2020-26306

Knwl.js (JavaScript) versions 1.0.2 and earlier are vulnerable to Regular Expression Denial of Service (ReDoS) due to inefficient regular expressions. No patches were available at the time of publication. The issue affects text parsing of dates, times, phone numbers, emails, and locations; exploi...

Knwl.js 安全漏洞

Knwl.js is a Javascript library from the individual developer Ben Moore that parses dates, times, phone numbers, emails, locations, etc. from text. A security vulnerability exists in Knwl.js version 1.0.2 and earlier versions, which stems from the presence of a regular expression denial of servic...

PT-2024-10796 · Knwl.Js · Knwl.Js

Name of the Vulnerable Software and Affected Versions: Knwl.js versions 1.0.2 and prior Description: The issue concerns a Regular Expression Denial of Service ReDoS in the Knwl.js library, which is used for parsing text to extract information such as dates, times, phone numbers, and more. No...