yetingli

5 exploits Active since Jun 2021
CVE-2021-29059 WRITEUP HIGH WORKING POC
Is-svg < 4.3.0 - Resource Allocation Without Limits
A vulnerability was discovered in IS-SVG version 2.1.0 to 4.2.2 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string.
CVSS 7.5
CVE-2021-29060 WRITEUP MEDIUM WRITEUP
Color-string < 1.5.5 - Resource Allocation Without Limits
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.
CVSS 5.3
CVE-2021-29061 WRITEUP HIGH WORKING POC
Vfsjfilechooser2 < 0.2.9 - Resource Allocation Without Limits
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.
CVSS 7.5
CVE-2021-40894 WRITEUP HIGH WORKING POC
underscore-99xp <1.7.2 - DoS
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in underscore-99xp v1.7.2 when the deepValueSearch function is called.
CVSS 7.5
CVE-2021-40901 WRITEUP HIGH WORKING POC
scniro-validator v1.0.1 - DoS
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails.
CVSS 7.5