Lucene search
Veracode Vulnerability DatabaseVERACODE:39171HistoryFeb 09, 2023 - 1:55 a.m.
Regular Expression Denial Of Service (ReDoS)
2023-02-0901:55:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
redos
switcher-client
unsanitized input
library's operation
vulnerability
0.001 Low
EPSS
Percentile
37.9%
switcher-client is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to unsanitized input used in the library’s strategy match operation (EXIST), allowing an attacker to crash the application by providing a maliciously crafted input.
| CPE | Name | Operator | Version |
|---|---|---|---|
| switcher-client | le | 3.1.3 | |
| switcher-client | le | 1.0.8 | |
| switcher-client | le | 3.0.0 | |
| switcher-client | le | 3.1.3 | |
| switcher-client | le | 1.0.8 | |
| switcher-client | le | 3.0.0 |
Related
prion
prion
Design/Logic Flaw
2023-02-03 20:15:00
nvd
nvd
CVE-2023-23925
2023-02-03 20:15:10
osv
osv
Switcher Client contains Regular Expression Denial of Service (ReDoS)
2023-02-02 01:33:06
CVE-2023-23925
2023-02-03 20:15:10
github
github
Switcher Client contains Regular Expression Denial of Service (ReDoS)
2023-02-02 01:33:06
cvelist
cvelist
cve
cve
CVE-2023-23925
2023-02-03 20:15:10