CVE-2021-27293

HIGH Year: 2021
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-697
View all →

Vulnerability Description

RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus the remote server can trigger Denial of Service.

Related Vulnerabilities

CVE-2005-2801

HIGH
CVSS:7.5(High)

xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.

CWE-6972005

CVE-2016-10003

HIGH
CVSS:7.5(High)

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as b...

CWE-6972016

CVE-2020-15130

HIGH
CVSS:7.5(High)

In SLPJS (npm package slpjs) before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or oppor...

CWE-6972020

CVE-2020-15131

HIGH
CVSS:7.5(High)

In SLP Validate (npm package slp-validate) before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wa...

CWE-6972020

CVE-2020-22784

HIGH
CVSS:7.5(High)

In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing spaces on char / varchar columns during comparisons, retrieving database records using UeberDB's MySQL connector could allow bypassing acces...

CWE-6972020

CVE-2020-23478

HIGH
CVSS:7.5(High)

Leo Editor v6.2.1 was discovered to contain a regular expression denial of service (ReDoS) vulnerability in the component plugins/importers/dart.py.

CWE-6972020