CWE-1333

High likelihood

Inefficient Regular Expression Complexity

Parent: CWE-407 - Inefficient Algorithmic Complexity

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

426 vulnerabilities with CWE-1333
CVE-2022-1510 MEDIUM
GitLab <14.8.6-14.9.4-14.10.1 - DoS
CVSS 6.5
CVE-2022-29167 HIGH
Hawk < 9.0.1 - Denial of Service via Host Header Regular Expression
CVSS 7.4
CVE-2022-25844 MEDIUM
angularjs >=1.7.0 - Regular Expression Denial of Service via Custom Locale Rule
CVSS 5.3
CVE-2022-24836 HIGH
Nokogiri < 1.13.4 - Inefficient Regular Expression Complexity in HTML Encoding Detection
CVSS 7.5
CVE-2022-25598 HIGH
Apache DolphinScheduler < 2.0.5 - Regular Expression Denial of Service in User Registration
CVSS 7.5
CVE-2022-24729 MEDIUM
CKEditor 4.0-4.17.2 - Denial of Service via Dialog Input Validator Regex
CVSS 6.5
CVE-2022-24713 HIGH
regex <= 1.5.4 - Denial of Service via Regex Parsing Mitigation Bypass
CVSS 7.5
CVE-2022-21681 HIGH
marked < 4.0.10 - Denial of Service via Catastrophic Backtracking in ReflinkSearch Regex
CVSS 7.5
CVE-2022-21680 HIGH
marked < 4.0.10 - Regular Expression Denial of Service via Catastrophic Backtracking
CVSS 7.5
CVE-2022-21670 MEDIUM
markdown-it <1.3.2 - Info Disclosure
CVSS 5.3
CVE-2021-4437 LOW
dbartholomae lambda-middleware frameguard <1.1.0 - Info Disclosure
CVSS 3.5
CVE-2021-32848 HIGH
octobox < 2021-11-02 - Denial of Service via ReDoS in Search Query Parser
CVSS 7.5
CVE-2021-32837 HIGH
mechanize < 0.4.6 - Regular Expression Denial of Service
CVSS 7.5
CVE-2021-4306 LOW
cronvel terminal-kit <2.1.8 - Info Disclosure
CVSS 3.5
CVE-2021-4305 LOW
Woorank robots-txt-guard - Info Disclosure
CVSS 3.5
CVE-2021-32821 MEDIUM
MooTools < 1.6.0 - Regular Expression Denial of Service via CSS Selector Parser
CVSS 6.2
CVE-2021-4299 MEDIUM
cronvel string-kit <0.12.8 - Info Disclosure
CVSS 4.3
CVE-2021-35065 HIGH
glob-parent 6.0.0 - Regular Expression Denial of Service via Enclosure Regex
CVSS 7.5
CVE-2021-43309 MEDIUM
uri-template-lite < 22.9.0 - Regular Expression Denial of Service via URI.expand Method
CVSS 5.9
CVE-2021-40901 HIGH
scniro-validator 1.0.1 - Regular Expression Denial of Service via Email Validation
CVSS 7.5
CVE-2021-40900 HIGH
regexfn 1.0.5 - Regular Expression Denial of Service via Email Validation
CVSS 7.5
CVE-2021-40899 HIGH
repo-git-downloader 0.1.1 - Regular Expression Denial of Service
CVSS 7.5
CVE-2021-40898 HIGH
scaffold-helper 1.2.0 - Regular Expression Denial of Service
CVSS 7.5
CVE-2021-40897 HIGH
split-html-to-chars 1.0.5 - Regular Expression Denial of Service via Crafted Invalid HTML
CVSS 7.5
CVE-2021-40896 HIGH
that-value 0.1.3 - Regular Expression Denial of Service via Email Validation
CVSS 7.5
Details
Vulnerabilities 426
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits