CVE-2022-21195

All versions of package url-regex are vulnerable to Regular Expression Denial of Service (ReDoS) which can cause the CPU usage to crash.
Configurations

Configuration 1 (hide)

cpe:2.3:a:url-regex_project:url-regex:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:44

Type Values Removed Values Added
References () https://github.com/AlexFlipnote/url_regex/blob/master/url_regex/url_regex.py - Exploit, Third Party Advisory () https://github.com/AlexFlipnote/url_regex/blob/master/url_regex/url_regex.py - Exploit, Third Party Advisory
References () https://snyk.io/vuln/SNYK-PYTHON-URLREGEX-2347643 - Exploit, Third Party Advisory () https://snyk.io/vuln/SNYK-PYTHON-URLREGEX-2347643 - Exploit, Third Party Advisory
CVSS v2 : 5.0
v3 : 7.5
v2 : 5.0
v3 : 5.3

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-1333

Information

Published : 2022-05-20 20:15

Updated : 2024-11-21 06:44


NVD link : CVE-2022-21195

Mitre link : CVE-2022-21195

CVE.ORG link : CVE-2022-21195


JSON object : View

Products Affected

url-regex_project

  • url-regex
CWE
CWE-1333

Inefficient Regular Expression Complexity