Lucene search
GoogleOSV:GHSA-62GR-4QP9-H98FHistoryFeb 10, 2022 - 8:38 p.m.
Regular Expression Denial of Service in Handlebars
2022-02-1020:38:22
Google
osv.dev
24
handlebars
regular expression denial of service
eager matching
crafted templates
system resources
EPSS
0.002
Percentile
56.6%
Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow attackers to exhaust system resources.
Related
ubuntucve
ubuntucve
CVE-2019-20922
2020-09-30 00:00:00
redhatcve
redhatcve
CVE-2019-20922
2020-09-30 16:17:54
cvelist
cvelist
CVE-2019-20922
2020-09-30 12:30:22
nvd
nvd
CVE-2019-20922
2020-09-30 18:15:18
github
github
Regular Expression Denial of Service in Handlebars
2022-02-10 20:38:22
veracode
veracode
Denial Of Service (DoS)
2019-11-06 03:51:26
Regular Expression Denial Of Service (ReDoS)
2020-11-25 08:40:10
osv
osv
CVE-2019-20922
2020-09-30 18:15:18
cve
cve
CVE-2019-20922
2020-09-30 18:15:18
prion
prion
Design/Logic Flaw
2020-09-30 18:15:00
debiancve
debiancve
CVE-2019-20922
2020-09-30 18:15:18
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat Virtualization (RHSA-2020:5179)
2020-11-24 00:00:00
ibm
ibm