icon

We found results for “

WS-2019-0017

Good to know:

icon
icon

Date: March 6, 2018

Version of clean-css prior to 4.1.11 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.

Language: Java

Severity Score

Severity Score

Weakness Type (CWE)

Incorrect Regular Expression

CWE-185

Top Fix

icon

Upgrade Version

Upgrade to version clean-css - 4.1.11

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): LOW

Do you need more information?

Contact Us