Lucene search
Veracode Vulnerability DatabaseVERACODE:38571HistoryDec 23, 2022 - 5:51 a.m.
Regular Expression Denial Of Service (ReDoS)
2022-12-2305:51:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
53
regular expression denial of service
is.js
vulnerability
insecure regex pattern
url matching
malicious urls
EPSS
0.001
Percentile
38.2%
is_js is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for url matching in is.js allowing an attacker to crash the application by providing malicious urls.
Related
osv
osv
CVE-2020-26302
2022-12-22 21:15:08
is_js vulnerable to Regular Expression Denial of Service
2023-07-06 19:24:05
github
github
is_js vulnerable to Regular Expression Denial of Service
2023-07-06 19:24:05
prion
prion
Code injection
2022-12-22 21:15:00
nvd
nvd
CVE-2020-26302
2022-12-22 21:15:08
cvelist
cvelist
CVE-2020-26302
2022-12-23 23:03:51
cve
cve
CVE-2020-26302
2022-12-23 23:03:51