Lucene search
Veracode Vulnerability DatabaseVERACODE:38873HistoryJan 15, 2023 - 10:15 p.m.
Regular Expression Denial Of Service (ReDoS)
2023-01-1522:15:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
1
regular expression denial of service
redos
robots-txt-guard
makepathpattern
patterns.js
application crash
malicious input
0.001 Low
EPSS
Percentile
45.9%
robots-txt-guard is vulnerable to Regular Expression Denial of Service Attacks (ReDoS). The vulnerability exists via the pattern parameter in the makePathPattern function of patterns.js due to insufficient regular expression complexity which allows an attacker to cause an application crash via a malicious input.
| CPE | Name | Operator | Version |
|---|---|---|---|
| robots-txt-guard | le | 0.2.1 | |
| robots-txt-guard | le | 0.2.1 |
Related
nvd
nvd
CVE-2021-4305
2023-01-05 11:15:09
osv
osv
robots-txt-guard Inefficient Regular Expression Complexity vulnerability
2023-01-05 12:30:27
CVE-2021-4305
2023-01-05 11:15:09
github
github
robots-txt-guard Inefficient Regular Expression Complexity vulnerability
2023-01-05 12:30:27
cve
cve
CVE-2021-4305
2023-01-05 11:15:09
prion
prion
Design/Logic Flaw
2023-01-05 11:15:00
cvelist
cvelist
CVE-2021-4305 Woorank robots-txt-guard patterns.js makePathPattern redos
2023-01-05 10:03:09