Common Weakness Enumeration

CWE-1333

Allowed

Inefficient Regular Expression Complexity

Abstraction: Base · Status: Draft

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

728 vulnerabilities reference this CWE, most recent first.

GHSA-P6M5-H7PP-V2X5

Vulnerability from github – Published: 2022-05-02 03:47 – Updated: 2024-09-16 21:57
VLAI
Summary
Django Regex Algorithmic Complexity Causes Denial of Service
Details

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "Django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.0"
            },
            {
              "fixed": "1.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "Django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.1"
            },
            {
              "fixed": "1.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2009-3695"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-08T22:00:20Z",
    "nvd_published_at": "2009-10-13T10:30:00Z",
    "severity": "HIGH"
  },
  "details": "Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression.",
  "id": "GHSA-p6m5-h7pp-v2x5",
  "modified": "2024-09-16T21:57:14Z",
  "published": "2022-05-02T03:47:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3695"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/594a28a9044120bed58671dde8a805c9e0f6c79a"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/e3e992e18b368fcd56aabafc1b5bf80a6e11b495"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53727"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/django/django"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2009-4.yaml"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20091013093057/http://secunia.com/advisories/36968"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20091017070244/http://secunia.com/advisories/36948"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200228171918/http://www.securityfocus.com/bid/36655"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550457"
    },
    {
      "type": "WEB",
      "url": "http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2009/dsa-1905"
    },
    {
      "type": "WEB",
      "url": "http://www.djangoproject.com/weblog/2009/oct/09/security"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/10/13/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Django Regex Algorithmic Complexity Causes Denial of Service"
}

GHSA-P84V-45XJ-WWQJ

Vulnerability from github – Published: 2023-01-18 18:23 – Updated: 2025-02-18 22:36
VLAI
Summary
ReDoS based DoS vulnerability in Action Dispatch
Details

There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792.

Versions Affected: >= 3.0.0 Not affected: < 3.0.0 Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1 Impact

Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately. Releases

The FIXED releases are available at the normal locations. Workarounds

We recommend that all users upgrade to one of the FIXED versions. In the meantime, users can mitigate this vulnerability by using a load balancer or other device to filter out malicious X_FORWARDED_HOST headers before they reach the application. Patches

To aid users who aren’t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset.

6-1-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 6.1 series
7-0-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 7.0 series

Please note that only the 7.0.Z and 6.1.Z series are supported at present, and 6.0.Z for severe vulnerabilities. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.

https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "5.2.8.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.1.7.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "actionpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.0.4.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-22792"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-18T18:23:34Z",
    "nvd_published_at": "2023-02-09T20:15:00Z",
    "severity": "LOW"
  },
  "details": "There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792.\n\nVersions Affected: \u003e= 3.0.0 Not affected: \u003c 3.0.0 Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1\nImpact\n\nSpecially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately.\nReleases\n\nThe FIXED releases are available at the normal locations.\nWorkarounds\n\nWe recommend that all users upgrade to one of the FIXED versions. In the meantime, users can mitigate this vulnerability by using a load balancer or other device to filter out malicious X_FORWARDED_HOST headers before they reach the application.\nPatches\n\nTo aid users who aren\u2019t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset.\n\n    6-1-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 6.1 series\n    7-0-Use-string-split-instead-of-regex-for-domain-parts.patch - Patch for 7.0 series\n\nPlease note that only the 7.0.Z and 6.1.Z series are supported at present, and 6.0.Z for severe vulnerabilities. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.\n\nhttps://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released",
  "id": "GHSA-p84v-45xj-wwqj",
  "modified": "2025-02-18T22:36:28Z",
  "published": "2023-01-18T18:23:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22792"
    },
    {
      "type": "WEB",
      "url": "https://discuss.rubyonrails.org/t/cve-2023-22792-possible-redos-based-dos-vulnerability-in-action-dispatch/82115"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rails/rails"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/rails/releases/tag/v7.0.4.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-22792.yml"
    },
    {
      "type": "WEB",
      "url": "https://rubyonrails.org/2023/1/17/Rails-Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240202-0007"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5372"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "ReDoS based DoS vulnerability in Action Dispatch"
}

GHSA-P8PC-3F7W-JR5Q

Vulnerability from github – Published: 2024-10-26 21:30 – Updated: 2024-11-13 23:24
VLAI
Summary
Foundation Regular Expression Denial of Service vulnerability
Details

Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any fixes are available.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "foundation-sites"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "6.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26304"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-28T14:44:05Z",
    "nvd_published_at": "2024-10-26T21:15:13Z",
    "severity": "MODERATE"
  },
  "details": "Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any fixes are available.",
  "id": "GHSA-p8pc-3f7w-jr5q",
  "modified": "2024-11-13T23:24:36Z",
  "published": "2024-10-26T21:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26304"
    },
    {
      "type": "WEB",
      "url": "https://github.com/foundation/foundation-sites/issues/12180"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/foundation/foundation-sites"
    },
    {
      "type": "ADVISORY",
      "url": "https://securitylab.github.com/advisories/GHSL-2020-290-redos-foundation-sites"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Foundation Regular Expression Denial of Service vulnerability"
}

GHSA-P9W8-2MPQ-49H9

Vulnerability from github – Published: 2023-02-04 06:30 – Updated: 2023-02-14 16:47
VLAI
Summary
is-url Inefficient Regular Expression Complexity vulnerability
Details

A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is an unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version 1.2.3 is able to address this issue. The name of the patch is 149550935c63a98c11f27f694a7c4a9479e53794. It is recommended to upgrade the affected component. VDB-220058 is the identifier assigned to this vulnerability.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "is-url"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-25079"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-10T00:59:15Z",
    "nvd_published_at": "2023-02-04T04:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is an unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version 1.2.3 is able to address this issue. The name of the patch is 149550935c63a98c11f27f694a7c4a9479e53794. It is recommended to upgrade the affected component. VDB-220058 is the identifier assigned to this vulnerability.",
  "id": "GHSA-p9w8-2mpq-49h9",
  "modified": "2023-02-14T16:47:13Z",
  "published": "2023-02-04T06:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25079"
    },
    {
      "type": "WEB",
      "url": "https://github.com/segmentio/is-url/pull/18"
    },
    {
      "type": "WEB",
      "url": "https://github.com/segmentio/is-url/commit/149550935c63a98c11f27f694a7c4a9479e53794"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/segmentio/is-url"
    },
    {
      "type": "WEB",
      "url": "https://github.com/segmentio/is-url/releases/tag/v1.2.3"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.220058"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.220058"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "is-url Inefficient Regular Expression Complexity vulnerability"
}

GHSA-P9WX-2529-FP83

Vulnerability from github – Published: 2025-05-23 15:31 – Updated: 2025-05-27 15:03
VLAI
Summary
Marked allows Regular Expression Denial of Service (ReDoS) attacks
Details

Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown input, such as deeply nested or repetitively structured brackets or tag attributes, which cause the parser to hang and lead to a Denial of Service.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "marked"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.3.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-25110"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-27T15:03:47Z",
    "nvd_published_at": "2025-05-23T15:15:20Z",
    "severity": "MODERATE"
  },
  "details": "Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown input, such as deeply nested or repetitively structured brackets or tag attributes, which cause the parser to hang and lead to a Denial of Service.",
  "id": "GHSA-p9wx-2529-fp83",
  "modified": "2025-05-27T15:03:47Z",
  "published": "2025-05-23T15:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25110"
    },
    {
      "type": "WEB",
      "url": "https://github.com/markedjs/marked/issues/1070"
    },
    {
      "type": "WEB",
      "url": "https://github.com/markedjs/marked/pull/1083"
    },
    {
      "type": "WEB",
      "url": "https://github.com/markedjs/marked/commit/20bfc106013ed45713a21672ad4a34df94dcd485"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Checkmarx/Vulnerabilities-Proofs-of-Concept/tree/main/2018/CVE-2018-25110"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/markedjs/marked"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Marked allows Regular Expression Denial of Service (ReDoS) attacks"
}

GHSA-PFQ8-RQ6V-VF5M

Vulnerability from github – Published: 2022-10-31 19:00 – Updated: 2025-06-11 17:34
VLAI
Summary
kangax html-minifier REDoS vulnerability
Details

A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0 because of the reCustomIgnore regular expression.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "html-minifier"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-37620"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-22T23:06:37Z",
    "nvd_published_at": "2022-10-31T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0 because of the reCustomIgnore regular expression.",
  "id": "GHSA-pfq8-rq6v-vf5m",
  "modified": "2025-06-11T17:34:37Z",
  "published": "2022-10-31T19:00:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37620"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kangax/html-minifier/issues/1135"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kangax/html-minifier"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kangax/html-minifier/blob/51ce10f4daedb1de483ffbcccecc41be1c873da2/src/htmlminifier.js#L1338"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kangax/html-minifier/blob/51ce10f4daedb1de483ffbcccecc41be1c873da2/src/htmlminifier.js#L294"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "kangax html-minifier REDoS vulnerability"
}

GHSA-PFRM-4RJW-G9Q5

Vulnerability from github – Published: 2023-01-02 09:31 – Updated: 2023-01-10 16:13
VLAI
Summary
string-kit Inefficient Regular Expression Complexity vulnerability
Details

A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to version 0.12.8 can address this issue. The name of the patch is 9cac4c298ee92c1695b0695951f1488884a7ca73. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217180.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "string-kit"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.12.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-4299"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-04T14:27:35Z",
    "nvd_published_at": "2023-01-02T08:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to version 0.12.8 can address this issue. The name of the patch is 9cac4c298ee92c1695b0695951f1488884a7ca73. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217180.",
  "id": "GHSA-pfrm-4rjw-g9q5",
  "modified": "2023-01-10T16:13:19Z",
  "published": "2023-01-02T09:31:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4299"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cronvel/string-kit/commit/9cac4c298ee92c1695b0695951f1488884a7ca73"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/cronvel/string-kit"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cronvel/string-kit/releases/tag/v0.12.8"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.217180"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.217180"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "string-kit Inefficient Regular Expression Complexity vulnerability"
}

GHSA-PJF2-268R-G6X9

Vulnerability from github – Published: 2024-10-11 21:31 – Updated: 2024-10-17 21:31
VLAI
Details

Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-48938"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-11T21:15:07Z",
    "severity": "HIGH"
  },
  "details": "Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process.",
  "id": "GHSA-pjf2-268r-g6x9",
  "modified": "2024-10-17T21:31:30Z",
  "published": "2024-10-11T21:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48938"
    },
    {
      "type": "WEB",
      "url": "https://www.znuny.com"
    },
    {
      "type": "WEB",
      "url": "https://www.znuny.org/en/advisories"
    },
    {
      "type": "WEB",
      "url": "https://www.znuny.org/en/advisories/zsa-2024-04"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJWM-CR36-MWV3

Vulnerability from github – Published: 2024-11-14 22:44 – Updated: 2024-11-14 22:44
VLAI
Summary
ReDoS in giskard's transformation.py (GHSL-2024-324)
Details

ReDoS in Giskard text perturbation detector

A Remote Code Execution (ReDoS) vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation times, potentially leading to denial of service.

Details

The vulnerability affects Giskard's punctuation removal transformation used in the text perturbation detection. A regex used to detect URLs and links was vulnerable to catastrophic backtracking that could be triggered by specific patterns in the text.

Affected version

Giskard versions prior to 2.15.5 are affected. Users should upgrade to version 2.15.5 or later, which includes a fix for this vulnerability.

Impact

This vulnerability can cause extended computation times or crashes in Giskard when processing text containing certain patterns.

Credit

This issue was discovered and reported by GHSL team member @kevinbackhouse (Kevin Backhouse).

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.15.4"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "giskard"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.15.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-52524"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-14T22:44:36Z",
    "nvd_published_at": "2024-11-14T18:15:26Z",
    "severity": "MODERATE"
  },
  "details": "# ReDoS in Giskard text perturbation detector\n\nA Remote Code Execution (ReDoS) vulnerability was discovered in Giskard component by the [GitHub Security Lab](https://securitylab.github.com) team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation times, potentially leading to denial of service.\n\n## Details\n\nThe vulnerability affects Giskard\u0027s punctuation removal transformation used in the text perturbation detection. A regex used to detect URLs and links was vulnerable to catastrophic backtracking that could be triggered by specific patterns in the text.\n\n## Affected version\n\nGiskard versions prior to 2.15.5 are affected. Users should upgrade to version 2.15.5 or later, which includes a fix for this vulnerability.\n\n## Impact\n\nThis vulnerability can cause extended computation times or crashes in Giskard when processing text containing certain patterns.\n\n## Credit\n\nThis issue was discovered and reported by GHSL team member [@kevinbackhouse (Kevin Backhouse)](https://github.com/kevinbackhouse).",
  "id": "GHSA-pjwm-cr36-mwv3",
  "modified": "2024-11-14T22:44:36Z",
  "published": "2024-11-14T22:44:36Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Giskard-AI/giskard/security/advisories/GHSA-pjwm-cr36-mwv3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52524"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Giskard-AI/giskard/commit/48ce81f5c626171767188d6f0669498fb613b4d3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Giskard-AI/giskard"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear",
      "type": "CVSS_V4"
    }
  ],
  "summary": "ReDoS in giskard\u0027s transformation.py (GHSL-2024-324)"
}

GHSA-PMVV-57RG-5G86

Vulnerability from github – Published: 2024-10-26 21:30 – Updated: 2024-11-13 23:24
VLAI
Summary
CommonRegexJS Regular Expression Denial of Service vulnerability
Details

CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "commonregex"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.3.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26305"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-28T14:44:58Z",
    "nvd_published_at": "2024-10-26T21:15:13Z",
    "severity": "MODERATE"
  },
  "details": "CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.",
  "id": "GHSA-pmvv-57rg-5g86",
  "modified": "2024-11-13T23:24:33Z",
  "published": "2024-10-26T21:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26305"
    },
    {
      "type": "WEB",
      "url": "https://github.com/talyssonoc/CommonRegexJS/issues/4"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/talyssonoc/CommonRegexJS"
    },
    {
      "type": "ADVISORY",
      "url": "https://securitylab.github.com/advisories/GHSL-2020-291-redos-CommonRegexJS"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green",
      "type": "CVSS_V4"
    }
  ],
  "summary": "CommonRegexJS Regular Expression Denial of Service vulnerability"
}

Mitigation
Architecture and Design

Use regular expressions that do not support backtracking, e.g. by removing nested quantifiers.

Mitigation
System Configuration

Set backtracking limits in the configuration of the regular expression implementation, such as PHP's pcre.backtrack_limit. Also consider limits on execution time for the process.

Mitigation
Implementation

Do not use regular expressions with untrusted input. If regular expressions must be used, avoid using backtracking in the expression.

Mitigation
Implementation

Limit the length of the input that the regular expression will process.

CAPEC-492: Regular Expression Exponential Blowup

An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.