CVE-2024-22363 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 28%

Common Weakness Enumeration

CWE-1333 - Inefficient Regular Expression Complexity
The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.

References

https://cdn.sheetjs.com/advisories/CVE-2024-22363

https://cwe.mitre.org/data/definitions/1333.html

https://git.sheetjs.com/sheetjs/sheetjs/src/tag/v0.20.2

https://cdn.sheetjs.com/advisories/CVE-2024-22363

https://cwe.mitre.org/data/definitions/1333.html

https://git.sheetjs.com/sheetjs/sheetjs/src/tag/v0.20.2