yetingli

5 exploits Active since Jun 2021
CVE-2021-29059 WRITEUP HIGH WORKING POC
is-svg 2.1.0-4.2.2 - Regular Expression Denial of Service via Crafted Invalid SVG String
A vulnerability was discovered in IS-SVG version 2.1.0 to 4.2.2 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string.
CVSS 7.5
CVE-2021-29060 WRITEUP MEDIUM WRITEUP
color-string < 1.5.5 - Denial of Service via Crafted HWB String
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.
CVSS 5.3
CVE-2021-29061 WRITEUP HIGH WORKING POC
vfsjfilechooser2 < 0.2.9 - Regular Expression Denial of Service via URI Validation
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.
CVSS 7.5
CVE-2021-40894 WRITEUP HIGH WORKING POC
underscore-99xp 1.7.2 - Denial of Service via Inefficient Regular Expression in deepValueSearch
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in underscore-99xp v1.7.2 when the deepValueSearch function is called.
CVSS 7.5
CVE-2021-40901 WRITEUP HIGH WORKING POC
scniro-validator 1.0.1 - Regular Expression Denial of Service via Email Validation
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails.
CVSS 7.5