Vulnerabilities > Incorrect Regular Expression

DATE CVE VULNERABILITY TITLE RISK
2019-08-13 CVE-2019-14993 Incorrect Regular Expression vulnerability in Istio
Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.
network
low complexity
istio CWE-185
7.5
2019-06-13 CVE-2019-12798 Incorrect Regular Expression vulnerability in Artifex Mujs 1.0.5
An issue was discovered in Artifex MuJS 1.0.5.
network
low complexity
artifex CWE-185
critical
9.8
2019-03-14 CVE-2018-20801 Incorrect Regular Expression vulnerability in Highcharts
In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of backtracking regular expressions permitted an attacker to conduct a denial of service attack against the SVGRenderer component, aka ReDoS.
network
low complexity
highcharts CWE-185
7.5
2019-02-13 CVE-2018-20164 Incorrect Regular Expression vulnerability in Uaparser User Agent Parser-Core
An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0.
network
low complexity
uaparser CWE-185
5.3
2018-10-04 CVE-2018-17984 Incorrect Regular Expression vulnerability in Ispconfig
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution.
local
low complexity
ispconfig CWE-185
7.8
2018-08-30 CVE-2018-11615 Incorrect Regular Expression vulnerability in Mosca Project Mosca 2.8.1
This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1.
network
low complexity
mosca-project CWE-185
7.5
2018-06-07 CVE-2018-3738 Incorrect Regular Expression vulnerability in Protobufjs Project Protobufjs
protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto files.
local
low complexity
protobufjs-project CWE-185
5.5
2018-06-07 CVE-2018-3737 Incorrect Regular Expression vulnerability in Joyent Sshpk
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
network
low complexity
joyent CWE-185
7.5
2018-03-09 CVE-2018-7537 Incorrect Regular Expression vulnerability in multiple products
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19.
network
low complexity
canonical djangoproject debian CWE-185
5.3
2018-03-09 CVE-2018-7536 Incorrect Regular Expression vulnerability in multiple products
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19.
network
low complexity
canonical djangoproject debian redhat CWE-185
5.3