Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Regular expression Denial of Service in MooTools
Vulnerability Description
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service (ReDoS). An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite common with e.g. jQuery CSS selectors. No patches are available for this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
mootools 资源管理错误漏洞
Vulnerability Description
mootools是一个用于 Web 开发的库,支持 OOP。 mootools 存在资源管理错误漏洞,该漏洞源于包含易受正则表达式拒绝服务 (ReDoS) 攻击的 CSS 选择器解析器,攻击者利用该漏洞可以在运行时将字符串注入 CSS 选择器。
CVSS Information
N/A
Vulnerability Type
N/A