Lucene search
K

249 matches found

CVE
CVE
added 2025/06/09 7:31 p.m.67 views

CVE-2025-5892

CVE-2025-5892 affects Rocket.Chat up to 7.6.1. The issue is in the parseMessage.js function (parseMessage) where manipulation of the line argument causes inefficient regular expression complexity, enabling a potential remote attack. Public exploit information is present in the sources. Remediatio...

7.5CVSS7.2AI score0.00508EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/06/09 7:15 p.m.11 views

CVE-2025-5891

A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to th...

5.3CVSS0.0062EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/09 7:0 p.m.17 views

CVE-2025-5891 Unitech pm2 Config.js redos

A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to th...

5.3CVSS0.0062EPSS
Exploits1References5
CVE
CVE
added 2025/06/09 7:0 p.m.100 views

CVE-2025-5891

CVE-2025-5891 affects Unitech pm2 (versions up to 6.0.6; also noted in advisories for 6.0.8) due to incorrect handling in /lib/tools/Config.js that enables an inefficient regular expression pattern, resulting in a Regular Expression Denial of Service (ReDoS). The vulnerability is remotely exploit...

5.3CVSS7.3AI score0.0062EPSS
Exploits1References5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/30 5:0 p.m.10 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to Inefficient Regular Expression Complexity due to Babel ( CVE-2025-27789 )

Summary IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise Runtime are vulnerable to Inefficient Regular Expression Complexity due to Babel. Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using...

6.2CVSS6.8AI score0.00478EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.7 views

CVE-2021-3820

inflect is vulnerable to Inefficient Regular Expression Complexity...

7.5CVSS6.7AI score0.01183EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:43 p.m.7 views

CVE-2021-3804

taro is vulnerable to Inefficient Regular Expression Complexity...

7.8CVSS6.8AI score0.01222EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:35 p.m.7 views

CVE-2020-36661

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function isheader of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

7.5CVSS6.9AI score0.0092EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:38 a.m.8 views

CVE-2019-25103

A vulnerability has been found in simple-markdown 0.5.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file simple-markdown.js. The manipulation leads to inefficient regular expression complexity. The attack can be launched remotely. Upgrading to...

7.5CVSS6.9AI score0.0094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 a.m.6 views

CVE-2018-25074

A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the argument uri leads to inefficient regular expression complexity. The patch is named...

7.5CVSS6.9AI score0.0091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:56 a.m.7 views

CVE-2017-20162

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has...

5.3CVSS6.8AI score0.00981EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:38 a.m.7 views

CVE-2015-10005

A vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/htmlre.js. The manipulation leads to inefficient regular expression complexity. Upgrading to version 3.0.0 is able to address this issue. The name of t...

7.5CVSS6.9AI score0.00946EPSS
Exploits0References1
OSV
OSV
added 2025/05/16 12:31 a.m.9 views

GHSA-J3V9-6GC7-VF5F Meteor Affected By Inefficient Regular Expression Complexity

A vulnerability was found in Meteor up to 3.2.1 and classified as problematic. This issue affects the function Object.assign of the file packages/ddp-server/livedataserver.js. The manipulation of the argument forwardedFor leads to inefficient regular expression complexity. The attack may be...

6.3CVSS6.8AI score0.00591EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2025/05/16 12:31 a.m.19 views

Meteor Affected By Inefficient Regular Expression Complexity

A vulnerability was found in Meteor up to 3.2.1 and classified as problematic. This issue affects the function Object.assign of the file packages/ddp-server/livedataserver.js. The manipulation of the argument forwardedFor leads to inefficient regular expression complexity. The attack may be...

6.3CVSS6.9AI score0.00591EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2025/05/15 11:15 p.m.14 views

CVE-2025-4727

A vulnerability was found in Meteor up to 3.2.1 and classified as problematic. This issue affects the function Object.assign of the file packages/ddp-server/livedataserver.js. The manipulation of the argument forwardedFor leads to inefficient regular expression complexity. The attack may be...

6.3CVSS6.8AI score
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/05/15 11:0 p.m.9 views

CVE-2025-4727 Meteor livedata_server.js Object.assign redos

A vulnerability was found in Meteor up to 3.2.1 and classified as problematic. This issue affects the function Object.assign of the file packages/ddp-server/livedataserver.js. The manipulation of the argument forwardedFor leads to inefficient regular expression complexity. The attack may be...

6.3CVSS4.4AI score0.00591EPSS
Exploits1References7
CVE
CVE
added 2025/05/15 11:0 p.m.47 views

CVE-2025-4727

Summary: CVE-2025-4727 affects Meteor up to 3.2.1, involving the Object.assign handling in packages/ddp-server/livedata_server.js where forwardedFor manipulation enables inefficient regex complexity (ReDoS). The issue may be remotely exploitable and requires high attack complexity. Public exploit...

6.3CVSS4.5AI score0.00591EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.7 views

PT-2025-21583 · Meteor · Meteor

Name of the Vulnerable Software and Affected Versions: Meteor versions up to 3.2.1 Description: A vulnerability was found in the function Object.assign of the file packages/ddp-server/livedata server.js. The manipulation of the argument forwardedFor leads to inefficient regular expression...

6.3CVSS4AI score0.00591EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2025/05/04 8:58 p.m.14 views

CVE-2025-4215

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to laun...

3.1CVSS6.9AI score0.0057EPSS
Exploits1References8
NVD
NVD
added 2025/05/02 9:15 p.m.14 views

CVE-2025-4215

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to laun...

3.7CVSS0.0057EPSS
Exploits1References6
Rows per page
Query Builder