NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2020-26306

Summary	Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.
Publication Date	Oct. 27, 2024, 6:15 a.m.
Registration Date	Oct. 27, 2024, noon
Last Update	Oct. 28, 2024, 10:58 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://securitylab.github.com/advisories/GHSL-2020-296-redos-Knwl.js/
2	https://github.com/benhmoore/Knwl/issues/106

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-1333	非効率的な正規表現の複雑さ	https://cwe.mitre.org/data/definitions/1333.html