CVSS: 8.7EPSS: 0%CPEs: -EXPL: 0CVE-2020-26310 – GHSL-2020-305: Regular Expression Denial of Service (ReDoS) in Pure JavaScript HTML5 Parser
https://notcve.org/view.php?id=CVE-2020-26310
Validate.js provides a declarative way of validating javascript objects. All versions as of 30 November 2020 contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any patches are available. • https://github.com/blowsie/Pure-JavaScript-HTML5-Parser/issues/14 https://securitylab.github.com/advisories/GHSL-2020-305-redos-Pure-JavaScript-HTML5-Parser • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26309 – GHSL-2020-303: Regular Expression Denial of Service (ReDoS) in nope-validator
https://notcve.org/view.php?id=CVE-2020-26309
Validate.js provides a declarative way of validating javascript objects. Versions 0.11.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any patches are available. • https://github.com/ftonato/nope-validator/issues/352 https://securitylab.github.com/advisories/GHSL-2020-303-redos-nope-validator • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26308 – GHSL-2020-302: Regular Expression Denial of Service (ReDoS) in validate.js
https://notcve.org/view.php?id=CVE-2020-26308
Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available. • https://github.com/ansman/validate.js/issues/342 https://securitylab.github.com/advisories/GHSL-2020-302-redos-validate.js • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26307 – GHSL-2020-301: Regular Expression Denial of Service (ReDoS) in HTML2Markdown
https://notcve.org/view.php?id=CVE-2020-26307
All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available. • https://github.com/kates/html2markdown/issues/13 https://securitylab.github.com/advisories/GHSL-2020-301-redos-HTML2Markdown • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26306 – GHSL-2020-296: Regular Expression Denial of Service (ReDoS) in Knwl.js
https://notcve.org/view.php?id=CVE-2020-26306
Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available. • https://github.com/benhmoore/Knwl/issues/106 https://securitylab.github.com/advisories/GHSL-2020-296-redos-Knwl.js • CWE-1333: Inefficient Regular Expression Complexity •