CVE-2023-1894

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-1333
View all →

Vulnerability Description

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.

Related Vulnerabilities

CVE-2017-20162

MEDIUM
CVSS:5.3(Medium)

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to i...

CWE-13332017

CVE-2021-23362

MEDIUM
CVSS:5.3(Medium)

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular e...

CWE-13332021

CVE-2021-23364

MEDIUM
CVSS:5.3(Medium)

The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.

CWE-13332021

CVE-2021-3765

MEDIUM
CVSS:5.3(Medium)

validator.js is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021

CVE-2021-3820

MEDIUM
CVSS:5.3(Medium)

inflect is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021

CVE-2021-3822

MEDIUM
CVSS:5.3(Medium)

jsoneditor is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021