A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.
References
Configurations
History
21 Nov 2024, 06:00
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/fracpete/vfsjfilechooser2/commit/9c9f2c317f3de5ece60a3ae28c371e9796e3909b - Patch, Third Party Advisory | |
References | () https://github.com/fracpete/vfsjfilechooser2/issues/7 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://github.com/fracpete/vfsjfilechooser2/releases/tag/vfsjfilechooser2-0.2.9 - Release Notes, Third Party Advisory | |
References | () https://github.com/yetingli/PoCs/blob/main/CVE-2021-29061/Vfsjfilechooser2.md - Exploit, Patch, Third Party Advisory | |
References | () https://github.com/yetingli/SaveResults/blob/main/md/vfsjfilechooser2.md - Exploit, Patch, Third Party Advisory |
25 Jun 2021, 01:49
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/yetingli/PoCs/blob/main/CVE-2021-29061/Vfsjfilechooser2.md - Exploit, Patch, Third Party Advisory | |
References | (MISC) https://github.com/fracpete/vfsjfilechooser2/commit/9c9f2c317f3de5ece60a3ae28c371e9796e3909b - Patch, Third Party Advisory | |
References | (MISC) https://github.com/fracpete/vfsjfilechooser2/releases/tag/vfsjfilechooser2-0.2.9 - Release Notes, Third Party Advisory | |
References | (MISC) https://github.com/yetingli/SaveResults/blob/main/md/vfsjfilechooser2.md - Exploit, Patch, Third Party Advisory | |
References | (MISC) https://github.com/fracpete/vfsjfilechooser2/issues/7 - Exploit, Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:vfsjfilechooser2_project:vfsjfilechooser2:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-770 |
21 Jun 2021, 20:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-21 20:15
Updated : 2024-11-21 06:00
NVD link : CVE-2021-29061
Mitre link : CVE-2021-29061
CVE.ORG link : CVE-2021-29061
JSON object : View
Products Affected
vfsjfilechooser2_project
- vfsjfilechooser2
CWE
CWE-770
Allocation of Resources Without Limits or Throttling