Description

In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of backtracking regular expressions permitted an attacker to conduct a denial of service attack against the SVGRenderer component, aka ReDoS.

Remediation

References

CVE-2018-20801

Related Vulnerabilities

markdown-it Inefficient Regular Expression Complexity Vulnerability (CVE-2022-21670)

WordPress Plugin Share Posts To Email Cross-Site Scripting (1.0.2)

WordPress Plugin Simply Static Multiple Vulnerabilities (1.7.0)

Magento CVE-2019-7904 Vulnerability (CVE-2019-7904)

WordPress Plugin Asgaros Forum Multiple Vulnerabilities (1.15.14)

Severity

High

Classification

CVE-2018-20801 CWE-185 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities