26 matches found
Regular expression Denial of Service in multiple packages
Impact A regular expression denial of service ReDoS vulnerability has been discovered in multiple CKEditor 5 packages. The vulnerability allowed to abuse particular regular expressions, which could cause a significant performance drop resulting in a browser tab freeze. It affects all users using...
Regular Expression Denial of Service
Overview In affected versions of @ckeditor/ckeditor5-markdown-gfm a regular expression denial of service ReDoS vulnerability has been discovered. Impact The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browse...
CVE-2021-21254
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...
CVE-2021-21254 Regular expression Denial of Service in Markdown plugin
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...
CKEditor 5 Markdown plugin Regular expression Denial of Service
Impact A regular expression denial of service ReDoS vulnerability has been discovered in the CKEditor 5 Markdown plugin code. The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browser tab freeze. It affects al...
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2019-774)
This update for java-180-openjdk to the jdk8u181 icedtea 3.9.0 release fixes the following issues : These security issues were fixed : - CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...