6 matches found
Astra Linux - уязвимость в prototypejs
A issue was discovered in the stripTags and unescapeHTML components of Prototype 1.7.3. An attacker can cause a Regular Expression Denial of Service ReDOS by stripping crafted HTML tags...
DEBIAN-CVE-2020-27511
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service ReDOS through stripping crafted HTML tags...
CVE-2020-27511
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service ReDOS through stripping crafted HTML tags...
GHSA-V2P6-4MP7-3R9V Regular Expression Denial of Service in underscore.string
Versions of underscore.string prior to 3.3.5 are vulnerable to Regular Expression Denial of Service ReDoS. The function unescapeHTML is vulnerable to ReDoS due to an overly-broad regex. The slowdown is approximately 2s for 50,000 characters but grows exponentially with larger inputs. Recommendati...
Regular Expression Denial of Service in underscore.string
Versions of underscore.string prior to 3.3.5 are vulnerable to Regular Expression Denial of Service ReDoS. The function unescapeHTML is vulnerable to ReDoS due to an overly-broad regex. The slowdown is approximately 2s for 50,000 characters but grows exponentially with larger inputs. Recommendati...
Regular Expression Denial of Service
Overview Versions of underscore.string prior to 3.3.5 are vulnerable to Regular Expression Denial of Service ReDoS. The function unescapeHTML is vulnerable to ReDoS due to an overly-broad regex. The slowdown is approximately 2s for 50,000 characters but grows exponentially with larger inputs...