CWE-1333

High likelihood

Inefficient Regular Expression Complexity

Parent: CWE-407 - Inefficient Algorithmic Complexity

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

426 vulnerabilities with CWE-1333
CVE-2022-24373 MEDIUM
react-native-reanimated <3.0.0-rc.1 - ReDoS
CVSS 5.3
CVE-2022-21222 MEDIUM
css-what < 2.1.3 - Regular Expression Denial of Service via Insecure Regular Expression in parse Function
CVSS 5.3
CVE-2022-37259 HIGH
stealjs steal 2.2.4 - Regular Expression Denial of Service via String Variable in babel.js
CVSS 7.5
CVE-2022-37260 HIGH
stealjs steal 2.2.4 - Regular Expression Denial of Service via Input Variable
CVSS 7.5
CVE-2022-37262 HIGH
stealjs steal 2.2.4 - Regular Expression Denial of Service via source and sourceWithComments Variable
CVSS 7.5
CVE-2022-40023 HIGH
Mako < 1.2.2 - Regular Expression Denial of Service via Lexer Class
CVSS 7.5
CVE-2022-36064 MEDIUM
Shescape - Inefficient Regular Expression Complexity
CVSS 5.9
CVE-2022-29158 HIGH
Apache OFBiz < 18.12.06 - Unauthenticated Regular Expression Denial of Service
CVSS 7.5
CVE-2022-25887 MEDIUM
sanitize-html < 2.7.1 - Regular Expression Denial of Service via HTML Comment Removal
CVSS 5.3
CVE-2022-36034 HIGH
nitrado.js < 0.2.5 - Inefficient Regular Expression Complexity via Malicious Input
CVSS 7.5
CVE-2022-1930 MEDIUM
eth-account < 0.5.9 - Denial of Service via encode_structured_data Method
CVSS 5.9
CVE-2022-35923 HIGH
v8n <1.5.1 - Denial of Service
CVSS 7.5
CVE-2022-2596 MEDIUM
GitHub node-fetch <3.2.10 - Info Disclosure
CVSS 5.9
CVE-2022-34749 HIGH
mistune < 2.0.2 - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2022-25858 MEDIUM
terser < 4.8.1 and 5.0.0-5.14.2 - Regular Expression Denial of Service
CVSS 5.3
CVE-2022-31147 HIGH
jQuery Validation Plugin <1.19.5 - DoS
CVSS 7.5
CVE-2022-31781 HIGH
Apache Tapestry < 5.8.2 - Regular Expression Denial of Service in ContentType Class
CVSS 7.5
CVE-2022-31129 HIGH
moment 2.18.0-2.29.3 - Denial of Service via RFC2822 Date Parsing
CVSS 7.5
CVE-2022-25758 MEDIUM
scss-tokenizer < 0.4.3 - Denial of Service via Insecure Regular Expression in loadAnnotation
CVSS 5.3
CVE-2022-1954 MEDIUM
GitLab 1.0.2-14.10.4, 15.0-15.0.3, 15.1 - Regular Expression Denial of Service via Web Server Response Headers
CVSS 4.3
CVE-2022-31110 MEDIUM
RSSHub < 2022-06-21 - Denial of Service via Inefficient Regular Expression in Filter Parameters
CVSS 5.3
CVE-2022-1929 MEDIUM
devcert < 1.2.1 - Denial of Service via Inefficient Regular Expression in certificateFor Method
CVSS 5.9
CVE-2022-29169 HIGH
BigBlueButton <2.3.19, <2.4.7, <2.5.0-beta.2 - DoS
CVSS 7.5
CVE-2022-21195 MEDIUM
url-regex - Regular Expression Denial of Service
CVSS 5.3
CVE-2022-26650 HIGH
Apache ShenYu 2.4.0-2.4.2 - Denial of Service via RegexPredicateJudge
CVSS 7.5
Details
Vulnerabilities 426
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits