CWE-1333

High likelihood

Inefficient Regular Expression Complexity

Parent: CWE-407 - Inefficient Algorithmic Complexity

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

426 vulnerabilities with CWE-1333
CVE-2023-39663 HIGH
MathJax < 2.7.9 - Regular Expression Denial of Service via Pattern Matching
CVSS 7.5
CVE-2023-40599 HIGH
Mailform Pro CGI < 4.3.1.3 - Unauthenticated Regular Expression Denial-of-Service in Multiple Add-ons
CVSS 7.5
CVE-2023-3994 HIGH
GitLab 9.3-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Regular Expression Denial of Service via ProjectReferenceFilter
CVSS 7.5
CVE-2023-3364 HIGH
GitLab CE/EE <16.0.8-16.1.3-16.2.2 - DoS
CVSS 7.5
CVE-2023-0632 MEDIUM
GitLab 15.2-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Regular Expression Denial of Service via Harbor Registry Search
CVSS 6.5
CVE-2023-39174 MEDIUM
JetBrains TeamCity <2023.05.2 - DoS
CVSS 4.3
CVE-2023-3446 MEDIUM
OpenSSL - Denial of Service via DH Parameter Check
CVSS 5.3
CVE-2023-3424 HIGH
GitLab 10.3.0-15.11.9, 16.0.0-16.0.5, 16.1.0 - Denial of Service via Preview Markdown Endpoint
CVSS 7.5
CVE-2023-36543 MEDIUM
Apache Airflow < 2.6.3 - Authenticated Denial of Service via Inefficient Regular Expression
CVSS 6.5
CVE-2023-36053 HIGH
Django 3.2-3.2.19, 4.0-4.1.9, 4.2-4.2.2 - Regular Expression Denial of Service in EmailValidator and URLValidator
CVSS 7.5
CVE-2023-36617 MEDIUM
URI < 0.10.3 - Inefficient Regular Expression Complexity in RFC Parser
CVSS 5.3
CVE-2023-32610 HIGH
Mailform Pro CGI <= 4.3.1.2 - Unauthenticated Denial of Service via Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2023-2232 MEDIUM
GitLab 15.10-16.1 - Denial of Service via Jira Prefix Regular Expression
CVSS 6.5
CVE-2023-26115 MEDIUM
word-wrap < 1.2.4 - Regular Expression Denial of Service via Insecure Regular Expression
CVSS 5.3
CVE-2023-33289 HIGH
urlnorm < 0.1.4 - Regular Expression Denial of Service via Crafted URL
CVSS 7.5
CVE-2023-33290 HIGH
git-url-parse < 0.4.4 - Regular Expression Denial of Service via normalize_url
CVSS 7.5
CVE-2023-2199 HIGH
GitLab CE/EE <15.10.8/<16.0.2 - DoS
CVSS 7.5
CVE-2023-2198 HIGH
GitLab CE/EE <15.10.8/<16.0.2 - DoS
CVSS 7.5
CVE-2023-34104 HIGH
fast-xml-parser < 4.2.4 - Denial of Service via Crafted Entity Name Regex
CVSS 7.5
CVE-2023-31606 HIGH
RedCloth 4.0.0-4.3.2 - Regular Expression Denial of Service in sanitize_html
CVSS 7.5
CVE-2023-2132 HIGH
GitLab CE/EE <15.10.8/<15.11.7/<16.0.2 - DoS
CVSS 7.5
CVE-2023-33950 MEDIUM
Liferay Portal/DXP 7.4.3.48-7.4.3.76 - DoS
CVSS 6.5
CVE-2023-32758 HIGH
git-url-parse < 1.2.2 - Regular Expression Denial of Service via URL Parsing
CVSS 7.5
CVE-2023-1894 MEDIUM
Puppet Server 7.9.2 - Regular Expression Denial of Service in Certificate Validation
CVSS 5.3
CVE-2023-30858 MEDIUM
denosaurs emoji 0.1.0-<0.3.0 - Denial of Service via Inefficient Regular Expression in reTrimSpace
CVSS 5.3
Details
Vulnerabilities 426
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits