CWE-1333

High likelihood

Inefficient Regular Expression Complexity

Parent: CWE-407 - Inefficient Algorithmic Complexity

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

426 vulnerabilities with CWE-1333
CVE-2024-24762 HIGH
python-multipart < 0.0.7 - Regular Expression Denial of Service via Content-Type Header Parsing
CVSS 7.5
CVE-2024-23732 HIGH
embedchain < 0.1.57 - Denial of Service via JSON Loader ReDoS
CVSS 7.5
CVE-2023-0881 HIGH
Canonical Linux-Bluefield < 5.4.0-1058.64 - Denial of Service via TCP Port 22 DDoS
CVSS 7.5
CVE-2023-7279 LOW
Secure Systems Engineering Connaisseur <3.3.0 - Info Disclosure
CVSS 2.6
CVE-2023-6502 MEDIUM
GitLab CE/EE <16.10.6, <16.11.3, <17.0.1 - DoS
CVSS 4.3
CVE-2023-6688 MEDIUM
GitLab 16.11.0-16.11.1 - Denial of Service via Google Chat Messages Integration
CVSS 6.5
CVE-2023-6682 MEDIUM
GitLab 16.9-16.9.6, 16.10-16.10.4, 16.11-16.11.1 - Denial of Service via Discord Integration Chat Message Processing
CVSS 6.5
CVE-2023-6678 MEDIUM
GitLab < 16.8.6, 16.9 < 16.9.4, 16.10 < 16.10.2 - Denial of Service via JUnit Test Report File
CVSS 4.3
CVE-2023-6489 MEDIUM
GitLab CE/EE <16.8.6, <16.9.4, <16.10.2 - DoS
CVSS 4.3
CVE-2023-51931 HIGH
alanclarke URLite < 3.1.0 - Denial of Service via Parsing Function
CVSS 7.5
CVE-2023-6736 MEDIUM
GitLab 11.3-16.7.5, 16.8-16.8.2, 16.9-16.9.0 - Denial of Service via Malicious CODEOWNERS File
CVSS 6.5
CVE-2023-6159 MEDIUM
GitLab 12.7-16.6.5, 16.7-16.7.3, 16.8 - Regular Expression Denial of Service via Malicious Cargo.toml Input
CVSS 6.5
CVE-2023-29487 CRITICAL
Heimdal Thor < 3.5.3 - Denial of Service via Threat To Process Correlation Module
CVSS 9.1
CVE-2023-29486 CRITICAL
Heimdal Thor <3.7.0 - Privilege Escalation
CVSS 9.8
CVE-2023-50249 HIGH
Sentry Astro 7.78.0-7.86.0 - Regular Expression Denial of Service
CVSS 7.5
CVE-2023-48631 MEDIUM
Adobe CSS-Tools < 4.3.2 - Denial of Service via CSS Parsing
CVSS 5.3
CVE-2023-46402 HIGH
git-urls 1.0.0 - Denial of Service via Inefficient Regular Expression
CVSS 7.5
CVE-2023-45806 MEDIUM
Discourse <3.1.3, <3.2.0.beta3 - Info Disclosure
CVSS 4.3
CVE-2023-3909 MEDIUM
GitLab 12.3-16.3.5, 16.4-16.4.1, 16.5 - Regular Expression Denial of Service via gitlab-ci.yml Timeout Input
CVSS 4.3
CVE-2023-39619 HIGH
node_email_check 1.0.4 - Denial of Service via ReDoS in scpSyntax Component
CVSS 7.5
CVE-2023-45813 MEDIUM
Torbot < 4.0.0 - Denial of Service via Inefficient URL Validation Regex
CVSS 4.6
CVE-2023-4316 HIGH
zod 3.21.0-3.22.3 - Denial of Service via Email Validation
CVSS 7.5
CVE-2023-43646 HIGH
get-func-name < 2.0.1 - Denial of Service via Inefficient Regular Expression Complexity
CVSS 8.6
CVE-2023-3210 MEDIUM
GitLab 15.11-16.1.4, 16.2-16.2.4, 16.3 - Authenticated Denial of Service via Malicious Content Import/Clone
CVSS 6.5
CVE-2023-3205 MEDIUM
GitLab 15.11-16.1.4, 16.2-16.2.4, 16.3 - Authenticated Denial of Service via Malicious Content Import/Clone
CVSS 6.5