8 matches found
GHSA-VQC4-V8HC-H2JG Polynomial regular expression used on uncontrolled data in nitrado.js
Impact Possible ReDoS with lib input of and with many repetitions of | Patches Patched in all versions above 0.2.5 Workarounds No known work arounds. References - OWASP: Regular expression Denial of Service - ReDoS - Wikipedia: ReDoS. - Wikipedia: Time complexity. - James Kirrage, Asiri Rathnayak...
Polynomial regular expression used on uncontrolled data in nitrado.js
Impact Possible ReDoS with lib input of and with many repetitions of | Patches Patched in all versions above 0.2.5 Workarounds No known work arounds. References - OWASP: Regular expression Denial of Service - ReDoS - Wikipedia: ReDoS. - Wikipedia: Time complexity. - James Kirrage, Asiri Rathnayak...
Denial Of Service (DoS)
nitrado.js is vulnerable to regular expression denial of service. The vulnerability exists in index.js due to insufficient regular expression complexity which allows an attacker to crash the system...
CVE-2022-36034
nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of and with many repetitions of |. This issue has been patched in all versions above 0.2.5. There are currently no known workarounds...
CVE-2022-36034 Possible Regular Expression Denial of Service (ReDoS) used on uncontrolled data in nitrado.js
nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of and with many repetitions of |. This issue has been patched in all versions above 0.2.5. There are currently no known workarounds...
CVE-2022-36034
CVE-2022-36034 concerns nitrado.js, a type-safe wrapper for the Nitrado API. The vulnerability is a Regular Expression Denial of Service (ReDoS) caused by polynomial/complex regex handling on uncontrolled input (notably patterns like {{ and repeated {{|). Impact, per multiple sources, is High (CV...
CVE-2022-36034 Possible Regular Expression Denial of Service (ReDoS) used on uncontrolled data in nitrado.js
nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of and with many repetitions of |. This issue has been patched in all versions above 0.2.5. There are currently no known workarounds...
nitrado.js 安全漏洞
nitrado.js is a type-safe wrapper for the Nitrado API by Cain Personal Developers. A security vulnerability exists in versions of nitrado.js prior to 0.2.5, which stems from the presence of polynomial regular expressions with uncontrolled data...