Vulnerability	Vulnerable Version
M Regular Expression Denial of Service (ReDoS) Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the `listNames` function. An attacker can cause significant CPU consumption and degrade server performance by supplying a crafted regular expression and influencing the set of resource names being matched. Note: This is only exploitable if an attacker can control both the regular expression input and the resource names being evaluated. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `com.powsybl:powsybl-psse-model` to version 6.7.2 or higher.	[,6.7.2)

Regular Expression Denial of Service (ReDoS)

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the listNames function. An attacker can cause significant CPU consumption and degrade server performance by supplying a crafted regular expression and influencing the set of resource names being matched.

Note:

This is only exploitable if an attacker can control both the regular expression input and the resource names being evaluated.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade com.powsybl:powsybl-psse-model to version 6.7.2 or higher.

[,6.7.2)

Go back to all versions of this package