Linux Distros Unpatched Vulnerability : CVE-2024-9506

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper regular expression in Vue's parseHTML function leads to a potential regular expression denial of service vulnerability. CVE-2024-9506 Note that Nessus...

GHSA-5J4C-8P2G-V4JX ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML function

The ReDoS can be exploited through the parseHTML function in the html-parser.ts file. This flaw allows attackers to slow down the application by providing specially crafted input that causes inefficient processing of regular expressions, leading to excessive resource consumption. To demonstrate...

ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML function

The ReDoS can be exploited through the parseHTML function in the html-parser.ts file. This flaw allows attackers to slow down the application by providing specially crafted input that causes inefficient processing of regular expressions, leading to excessive resource consumption. To demonstrate...

CVE-2024-9506

A flaw was found in Vue.js. Within the parseHTML function of html-parser.ts, there is a regular expression regex to check for proper closing tags for HTML. However, due to an improperly written regex, when you pass a script containing long text, it will trigger a regular expression denial of...

CVE-2024-9506

CVE-2024-9506 describes an improper regular expression in Vue’s parseHTML function, causing a potential ReDoS. The available connected sources confirm the vulnerable component is Vue's HTML parsing (parseHTML/html-parser.ts) and cite a low CVSS v3.1 base score (3.7) with impact on availability. C...