CVE-2024-45338

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-1333
View all →

Vulnerability Description

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

Related Vulnerabilities

CVE-2017-20162

MEDIUM
CVSS:5.3(Medium)

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to i...

CWE-13332017

CVE-2021-23362

MEDIUM
CVSS:5.3(Medium)

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular e...

CWE-13332021

CVE-2021-23364

MEDIUM
CVSS:5.3(Medium)

The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.

CWE-13332021

CVE-2021-3765

MEDIUM
CVSS:5.3(Medium)

validator.js is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021

CVE-2021-3820

MEDIUM
CVSS:5.3(Medium)

inflect is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021

CVE-2021-3822

MEDIUM
CVSS:5.3(Medium)

jsoneditor is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021