Regular Expression Denial of Service (ReDoS)

Overview AngularJS.Core is an AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this...

Regular Expression Denial Of Service (ReDoS)

org.apache.tika:tika is vulnerable to regular expression denial of service ReDoS attacks. An attacker is able to cause denial of service conditions to the users who are running the StandardsExtractingContentHandler component, due to an insecure regular expression usage in setThreshold function by...

PT-2022-14915 · Url-Regex · Url-Regex

Name of the Vulnerable Software and Affected Versions: url-regex versions all Description: The issue is related to Regular Expression Denial of Service ReDoS, which can cause CPU usage to crash. Recommendations: For url-regex version all, consider disabling the use of the url-regex package until ...

Information Disclosure

Apache Kafka connect-runtime is vulnerable to information disclosure. Improper usage of regex matching in the Connect REST API exposes plaintext secrets through the tasks endpoint if the config value contains additional characters...