Lucene search
Federico "phretor" Maggi of Trend Micro Security Research and Davide "_ocean" QuartaZDI-18-583HistoryJun 13, 2018 - 12:00 a.m.
npm mosca Regular Expression Parsing Denial-of-Service Vulnerability
2018-06-1300:00:00
Federico "phretor" Maggi of Trend Micro Security Research and Davide "_ocean" Quarta
www.zerodayinitiative.com
13
0.965 High
EPSS
Percentile
99.6%
This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of topics. A crafted regular expression can cause the broker to crash. An attacker can leverage this vulnerability to deny access to the target system.
Related
cve
cve
CVE-2018-11615
2018-08-30 12:29:00
veracode
veracode
Denial Of Service (DoS)
2018-08-31 02:53:36
github
github
Mosca REDoS Vulnerability
2018-08-31 06:22:50
prion
prion
Design/Logic Flaw
2018-08-30 12:29:00
checkpoint_advisories
checkpoint_advisories
Mosca Project Denial of Service (CVE-2018-11615)
2020-06-25 00:00:00
osv
osv
CVE-2018-11615
2018-08-30 12:29:00
Mosca REDoS Vulnerability
2018-08-31 06:22:50
cvelist
cvelist
CVE-2018-11615
2018-08-30 12:00:00
nvd
nvd
CVE-2018-11615
2018-08-30 12:29:00