Veracode Vulnerability Database: VERACODE:38777
History: Jan 05, 2023 - 9:31 a.m.

Regular Expression Denial Of Service (ReDoS)

2023-01-05 09:31:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
regular expression denial of service
dos attacks
application crash
inefficient regular expression complexity
markdown-it vulnerability

EPSS: 0.002
Percentile: 52.3%

markdown-it is vulnerable to regular expression denial of service (DoS) attacks. A malicious user is able to pass a crafted regex statement through the replace function in lib/common/html_re.js, causing an application crash due to inefficient regular expression complexity.
