CWE-1333
High likelihoodInefficient Regular Expression Complexity
The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.
426 vulnerabilities with CWE-1333
CVE-2024-4025
MEDIUM
GitLab 7.10-16.11.4, 17.0-17.0.2, 17.1 - Denial of Service via Crafted Markdown Page
CVSS 6.5
CVE-2024-13926
HIGH
WP-Syntax < 1.2 - Denial of Service via Catastrophic Backtracking in Tag Processing
CVSS 7.5
CVE-2024-13896
MEDIUM
WP-GeSHi-Highlight < 1.4.3 - Regular Expression Denial of Service via wp_geshi_filter_replace_code()
CVSS 6.5
CVE-2024-8998
HIGH
lunary < 1.4.26 - Regular Expression Denial of Service via Crafted User Input
CVSS 7.5
CVE-2024-8789
HIGH
lunary < 1.4.23 - Regular Expression Denial of Service via User-Supplied Regex
CVSS 7.5
CVE-2024-8764
HIGH
lunary < 1.4.23 - Denial of Service via Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2024-8763
HIGH
lunary < 1.4.23 - Regular Expression Denial of Service in compileTextTemplate
CVSS 7.5
CVE-2024-7779
HIGH
danswer-ai/danswer 1 - Regular Expression Denial of Service
CVSS 7.5
CVE-2024-12720
HIGH
huggingface/transformers < 4.48.0 - Regular Expression Denial of Service in tokenization_nougat_fast.py
CVSS 7.5
CVE-2024-12391
MEDIUM
binary-husky gpt_academic - Regular Expression Denial of Service via User-Provided Regex in Source Code Parsing
CVSS 6.5
CVE-2024-12388
MEDIUM
binary-husky gpt_academic 310122f - Regular Expression Denial of Service via User Input Parsing
CVSS 6.5
CVE-2024-10955
MEDIUM
gaizhenbiao/chuanhuchatgpt - Regular Expression Denial of Service via Malicious JSON Payload
CVSS 6.5
CVE-2024-10624
HIGH
gradio - Regular Expression Denial of Service in Datetime Component
CVSS 7.5
CVE-2024-10550
HIGH
h2o 3.46.0.1 - Denial of Service via Inefficient Regular Expression Complexity in /3/ParseSetup Endpoint
CVSS 7.5
CVE-2024-10549
HIGH
h2o 3.46.0.1 - Denial of Service via /3/Parse Endpoint Regular Expression
CVSS 7.5
CVE-2024-54170
MEDIUM
IBM EntireX 11.1 - Denial of Service via Inefficient Regular Expression
CVSS 5.5
CVE-2024-36751
MEDIUM
parse-uri - Regular Expression Denial of Service via Crafted URL
CVSS 6.5
CVE-2024-46242
HIGH
CTFd 3.7.3 - Regular Expression Denial of Service via Email Validation
CVSS 7.5
CVE-2024-41766
HIGH
IBM Engineering Lifecycle Optimization - Publishing 7.0.2/7.0.3 DoS via Regex Complexity
CVSS 7.5
CVE-2024-45338
MEDIUM
golang.org/x/net/html < 0.33.0 - Denial of Service via Inefficient Regular Expression Complexity
CVSS 5.3
CVE-2024-52798
HIGH
path-to-regexp <0.1.12 - Info Disclosure
CVE-2024-54157
MEDIUM
JetBrains YouTrack <2024.3.52635 - DoS
CVSS 4.3
CVE-2024-10270
MEDIUM
Keycloak-services < 24.0.9 - Denial of Service via Regex Complexity in SearchQueryUtils
CVSS 6.5
CVE-2024-21539
HIGH
@eslint/plugin-kit < 0.2.3 - Regular Expression Denial of Service via Improper Input Sanitization
CVSS 7.5
CVE-2024-52524
MEDIUM
Giskard < 2.15.5 - Denial of Service via Inefficient Regular Expression Complexity
Details
Vulnerabilities
426
Exploit Likelihood
High