8 matches found
BIT-MONGODB-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
SUSE CVE-2010-2190
The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference...
GHSA-XX4C-JJ58-R7X6 Inefficient Regular Expression Complexity in Validator.js
Impact: Versions of validator prior to 13.7.0 are affected by an inefficient Regular Expression complexity when using the rtrim and trim sanitizers. Patches: The problem has been patched in validator 13.7.0...
PT-2021-21765 · Unknown · Validator.Js
Name of the Vulnerable Software and Affected Versions: validator.js versions prior to 13.7.0 Description: The issue is related to Inefficient Regular Expression Complexity. It affects the rtrim and trim sanitizers. There is no information provided about the estimated number of potentially affecte...
Inefficient Regular Expression Complexity in validatorjs/validator.js
Description: I would like to report a Regular Expression Denial of Service (ReDoS) vulnerability in validator. It allows causing a denial of service when calling the function 'rtrim'. The ReDoS vulnerability is mainly due to the regex /\s+$/g and can be exploited with the following code. Proof of Concept ...
Regular Expression Denial of Service (ReDoS)
Overview: validator is a library of string validators and sanitizers. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the rtrim function. PoC: var validator = require("validator"); function buildattack(n) { var ret = ""; for (var i = 0; i < n; i++) { ret += " "...
PHP 5.2.x, 5.3.x trim, ltrim, rtrim, substr_replace Function Information Disclosure Vulnerability
No description provided by source...
CVE-2010-2190
CVE-2010-2190 affects PHP 5.2.x (up to 5.2.13) and 5.3.x (up to 5.3.2). The vulnerability arises in the functions trim, ltrim, rtrim, and substr_replace, allowing a context-dependent attacker to obtain sensitive information (memory contents) by triggering an internal function interruption related...