Naretena A.
Naretena A.
_The regex on line 35. inside urls.go is vulnerable to regex denial of service when a long input is provided inside directory path of the git url. I managed to...
The regex inside lib/pattern.js file seems to be vulnerable to Regex denial of service. I used this payload to cause a 17 second delay when a URL is processed by...
Hey Tj Telan, Is there a way for You to contact me regarding a security vulnerability I discovered, so I can report it to You privately, or if You can...
The regex on line 7. is vulnerable to Regex DoS when a large input is provided to the function with ocurring null bytes and tabs in this case. I did...
**Describe the bug** The /auth/login takes longer time to process correct usernames than incorrect ones leading to possible user enumeration. There is a ≈700ms difference between the username check and...
The code that is responsible for reading this data into the "of" variable [1] on line 73. inside lz4D.c -> ``` --> [1] RET_WHEN_ERR(LZ4_read(pp_src, p_src_limit, 2, &of)); RET_ERR_IF(R_CORRUPT, of==0); if...
Inside zstdD.c on line 623. there is a potential size_t underflow condition ``` p_lit += ll; --> [1] n_lit -= ll; of = parse_offset(p_ctx->prev_of, of, ll); for (; ml>0; ml--)...
The regex on line 11. in index.js contains a Regex denial of service when large input is provided. It takes longer amount of time to process larger strings because regex...