CWE-1333

High likelihood

Inefficient Regular Expression Complexity

Parent: CWE-407 - Inefficient Algorithmic Complexity

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

426 vulnerabilities with CWE-1333
CVE-2020-26305 HIGH
CommonRegexJS - Regular Expression Denial of Service
CVSS 7.5
CVE-2020-26304 HIGH
Foundation < 6.3.3 - Regular Expression Denial of Service
CVSS 7.5
CVE-2020-26303 HIGH
bevacqua insane < 2.6.2 - Regular Expression Denial of Service
CVSS 7.5
CVE-2020-36830 MEDIUM
nescalante urlregex <0.5.1 - Info Disclosure
CVSS 4.3
CVE-2020-6817 HIGH
bleach < 3.1.4 - Regular Expression Denial of Service via Style Attribute Parsing
CVSS 7.5
CVE-2020-36661 LOW
Kong lua-multipart <0.5.9-1 - Regular Expression Complexity
CVSS 3.5
CVE-2020-36649 LOW
mholt PapaParse <5.1.x - Regular Expression Complexity
CVSS 3.5
CVE-2020-26302 HIGH
is.js <0.9.0 - ReDoS
CVSS 7.5
CVE-2020-1920 HIGH
React Native 0.59.0-0.64.0 - Regular Expression Denial of Service in validateBaseUrl
CVSS 7.5
CVE-2020-5243 MEDIUM
uap-core < 0.7.3 - Denial of Service via User-Agent Regex Processing
CVSS 5.7
CVE-2019-25103 MEDIUM
simple-markdown <0.5.2 - Info Disclosure
CVSS 4.3
CVE-2019-25102 MEDIUM
simple-markdown <0.6.1 - Inefficient Regular Expression Complexity
CVSS 4.3
CVE-2019-16215 MEDIUM
zulip_server < 2.0.5 - Authenticated Denial of Service via Markdown Parser Regex
CVSS 6.5
CVE-2019-12041 HIGH
remarkable 1.7.1 - Regular Expression Denial of Service via CDATA Section
CVSS 7.5
CVE-2018-25110 HIGH
marked < 0.3.17 - Denial of Service via Regular Expression Backtracking
CVSS 7.5
CVE-2018-25079 MEDIUM
Segmentio is-url < 1.2.2 - Inefficient Regular Expression Complexity in index.js
CVSS 4.3
CVE-2018-25077 LOW
melnaron mel-spintax - Info Disclosure
CVSS 3.5
CVE-2018-25074 LOW
skeemas < 1.2.5 - Inefficient Regular Expression Complexity in URI Validation
CVSS 3.5
CVE-2018-25061 MEDIUM
rgb2hex <0.1.5 - Regular Expression Complexity
CVSS 4.3
CVE-2018-25049 LOW
email-existence - Inefficient Regular Expression Complexity in index.js
CVSS 3.0
CVE-2017-20165 LOW
debug < 3.1.0 - Inefficient Regular Expression Complexity in useColors Function
CVSS 3.5
CVE-2017-20162 MEDIUM
Vercel MS <2.0.0 - Regular Expression Complexity
CVSS 4.3
CVE-2017-16021 MEDIUM
uri-js < 2.1.1 - Inefficient Regular Expression Complexity in URL Validation
CVSS 6.5
CVE-2015-10005 LOW
markdown-it <3.0.0 - Info Disclosure
CVSS 3.5
CVE-2015-8854 HIGH
marked < 0.3.4 - Denial of Service via Regular Expression Backtracking in Inline Rule
CVSS 7.5
Details
Vulnerabilities 426
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits