Lucene search
Veracode Vulnerability DatabaseVERACODE:38942HistoryJan 20, 2023 - 7:32 a.m.
Regular Expression Denial Of Service (ReDoS)
2023-01-2007:32:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
regular expression denial of service
papaparse.js
inefficient regular expression complexity
malicious string
application crash
0.003 Low
EPSS
Percentile
70.4%
papapars is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists in papaparse.js due to inefficient regular expression complexity which allows an attacker to crash the application by submitting a malicious string.
References
github.com/advisories/GHSA-798h-g4j5-5537
github.com/mholt/PapaParse/commit/235a12758cd77266d2e98fd715f53536b34ad621
github.com/mholt/PapaParse/issues/777
github.com/mholt/PapaParse/issues/777
github.com/mholt/PapaParse/pull/779
github.com/mholt/PapaParse/releases/tag/5.2.0
vuldb.com/?ctiid.218004
vuldb.com/?id.218004
Related
osv
osv
CVE-2020-36649
2023-01-11 15:15:09
PapaParse Inefficient Regular Expression Complexity vulnerability
2023-01-11 15:30:28
nvd
nvd
CVE-2020-36649
2023-01-11 15:15:09
debiancve
debiancve
CVE-2020-36649
2023-01-11 15:15:09
cvelist
cvelist
CVE-2020-36649 mholt PapaParse papaparse.js redos
2023-01-11 14:50:51
cve
cve
CVE-2020-36649
2023-01-11 15:15:09
ubuntucve
ubuntucve
CVE-2020-36649
2023-01-11 00:00:00
prion
prion
Security feature bypass
2023-01-11 15:15:00
redhatcve
redhatcve
CVE-2020-36649
2023-01-12 07:35:22
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2020-04-02 00:00:00
github
github
PapaParse Inefficient Regular Expression Complexity vulnerability
2023-01-11 15:30:28
openvas
openvas
MediaWiki < 1.35.10, 1.36.x < 1.38.6, 1.39.x < 1.39.3 Multiple Vulnerabilities - Windows
2023-04-05 00:00:00
MediaWiki < 1.35.10, 1.36.x < 1.38.6, 1.39.x < 1.39.3 Multiple Vulnerabilities - Linux
2023-04-05 00:00:00
Mageia: Security Advisory (MGASA-2023-0204)
2023-06-29 00:00:00
mageia
mageia
Updated mediawiki packages fix security vulnerability
2023-06-28 08:21:41