CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2025/05/23 7:3 a.m.•6 views

CVE-2024-25355

s3-url-parser 1.0.3 is vulnerable to Denial of service via the regexes component...

7.5CVSS6.7AI score0.00593EPSS

Exploits0References1

Veracode•added 2024/05/10 3:50 p.m.•21 views

Regular Expression Denial Of Service (ReDoS)

s3-url-parser is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability is due to a regex with inefficient complexity, allowing an attacker to craft long s3 URLS that triggers excessive resource consumption, leading to denial of service...

7.5CVSS6.9AI score0.00593EPSS

Exploits0

vulnersOsv•added 2024/05/01 9:30 p.m.•3 views

@alezanai/torquator (>=1.0.0 <=1.5.0), singwareplayercreator (=1.1.0) potentially affected by CVE-2024-25355 via s3-url-parser (=1.0.3)

s3-url-parser NPM version =1.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on s3-url-parser and may be impacted: - @alezanai/torquator =1.0.0, =1.5.0 - singwareplayercreator =1.1.0 Source cves: CVE-2024-25355 Source advisory: OSV:GHSA-R4Q9-XX5G-J24P...

7.5CVSS7.1AI score0.00593EPSS

Exploits0

Github Security Blog•added 2024/05/01 9:30 p.m.•12 views

s3-url-parser vulnerable to Denial of Service via regexes component

s3-url-parser 1.0.3 is vulnerable to denial of service via the regexes component...

7.5CVSS6.9AI score0.00593EPSS

Exploits0References4Affected Software1

NVD•added 2024/05/01 7:15 p.m.•9 views

CVE-2024-25355

s3-url-parser 1.0.3 is vulnerable to Denial of service via the regexes component...

7.5CVSS6.5AI score0.00593EPSS

Exploits0References1

Vulnrichment•added 2024/05/01 12:0 a.m.•10 views

CVE-2024-25355

s3-url-parser 1.0.3 is vulnerable to Denial of service via the regexes component...

6.8AI score0.00593EPSS

Exploits0References1

Cvelist•added 2024/05/01 12:0 a.m.•23 views

CVE-2024-25355

s3-url-parser 1.0.3 is vulnerable to Denial of service via the regexes component...

6.7AI score0.00593EPSS

Exploits0References1

CNNVD•added 2024/05/01 12:0 a.m.•4 views

npm s3-url-parser 安全漏洞

npm s3-url-parser is a library from npm USA. It is used to bring up information from S3 URLs in any format. A security vulnerability exists in npm s3-url-parser version 1.0.3, which stems from the application's vulnerability to denial-of-service attacks with regular expression components...

7.5CVSS7.8AI score0.00593EPSS

Exploits0References2

CVE•added 2024/05/01 12:0 a.m.•66 views

CVE-2024-25355

CVE-2024-25355 affects s3-url-parser 1.0.3 with a Regular Expression Denial Of Service (ReDoS) via the regexes component. The connected IBM Red Hat bulletin lists affected product: IBM Cloud Pak for Multicloud Management (CP4MCM) 2.3 to 2.3 FP8, with remediation to upgrade to 2.3 Fix Pack 9. The ...

7.5CVSS6.7AI score0.00593EPSS

Exploits0References1

Positive Technologies•added 2024/05/01 12:0 a.m.•5 views

PT-2024-20899 · Unknown · S3-Url-Parser

Name of the Vulnerable Software and Affected Versions: s3-url-parser version 1.0.3 Description: The issue is related to a denial of service via the regexes component. Recommendations: For s3-url-parser version 1.0.3, consider disabling the regexes component as a temporary workaround until a patch...

7.5CVSS9.1AI score0.00593EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by