CWE-1333

High likelihood

Inefficient Regular Expression Complexity

Parent: CWE-407 - Inefficient Algorithmic Complexity

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

426 vulnerabilities with CWE-1333
CVE-2022-25927 MEDIUM
ua-parser-js 0.7.30-0.7.32 and 0.8.1-1.0.32 - Regular Expression Denial of Service via trim() Function
CVSS 5.3
CVE-2022-25901 MEDIUM
cookiejar < 2.1.4 - Denial of Service via Insecure Regular Expression in Cookie.parse
CVSS 5.3
CVE-2022-4891 LOW
Sisimai <4.25.14p11 - Info Disclosure
CVSS 3.5
CVE-2022-4131 MEDIUM
GitLab 10.8.0-15.5.6, 15.6.0-15.6.3, 15.7.0-15.7.1 - Denial of Service via User Agent Regex Parsing
CVSS 4.3
CVE-2022-3514 MEDIUM
GitLab CE/EE <15.5.7-15.6.4-15.7.2 - DoS
CVSS 4.3
CVE-2022-23548 MEDIUM
Discourse < 2.8.14 - Regular Expression Denial of Service
CVSS 6.5
CVE-2022-40897 MEDIUM
Python Packaging Authority (PyPA) setuptools <65.5.1 - DoS
CVSS 5.9
CVE-2022-23517 HIGH
rails-html-sanitizer < 1.4.4 - Denial of Service via Inefficient SVG Attribute Regex
CVSS 7.5
CVE-2022-23514 HIGH
Loofah < 2.19.1 - Denial of Service via Inefficient SVG Attribute Regular Expression
CVSS 7.5
CVE-2022-30122 HIGH
Rack <2.0.9.1, <2.1.4.1, <2.2.3.1 - Denial of Service in Multipart Parsing
CVSS 7.5
CVE-2022-42124 HIGH
Liferay Portal 7.3.2-7.4.3.4 & DXP 7.2 FP9-18, 7.3 < U4, 7.4 GA - ReDoS in LayoutPageTemplateEntryUpgradeProcess
CVSS 7.5
CVE-2022-42966 MEDIUM
cleo < 2.0.0 - Regular Expression Denial of Service via Table.set_rows Method
CVSS 5.9
CVE-2022-42965 LOW
snowflake-connector-python < 2.8.2 - Regular Expression Denial of Service via get_file_transfer_type
CVSS 3.7
CVE-2022-42964 MEDIUM
pymatgen - Denial of Service via GaussianInput.from_string ReDoS
CVSS 5.9
CVE-2022-37620 HIGH
html-minifier-terser < 7.2.0 - Denial of Service via reCustomIgnore Regular Expression
CVSS 7.5
CVE-2022-25918 MEDIUM
shescape >=1.5.10 <1.6.1 - Regular Expression Denial of Service via escapeArgBash Function
CVSS 5.3
CVE-2022-3517 HIGH
minimatch < 3.0.5 - Denial of Service via braceExpand Function
CVSS 7.5
CVE-2022-2908 MEDIUM
GitLab 10.7-15.1.4, 15.2-15.2.2, 15.3 - Denial of Service via Commit Message Field
CVSS 4.3
CVE-2022-42969 MEDIUM
PY < 1.11.0 - Denial of Service
CVSS 5.3
CVE-2022-41323 HIGH
Django 3.2-4.1 - Denial of Service via Locale Parameter Regular Expression
CVSS 7.5
CVE-2022-37603 HIGH
webpack.js loader-utils < 1.4.2 - Regular Expression Denial of Service in interpolateName Function
CVSS 7.5
CVE-2022-37599 HIGH
webpack.js loader-utils 1.0.0-1.4.1 - Regular Expression Denial of Service in interpolateName Function
CVSS 7.5
CVE-2022-34402 MEDIUM
Dell Wyse ThinOS < 9.3.2102 - Authenticated Denial of Service via Regular Expression Complexity
CVSS 6.8
CVE-2022-39280 MEDIUM
Pyup Dependency Parser < 0.5.1 - Denial of Service
CVSS 5.9
CVE-2022-34428 MEDIUM
Dell Hybrid Client - Regular Expression Denial of Service in UI
CVSS 5.0