A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.
References
Link | Resource |
---|---|
https://github.com/fracpete/vfsjfilechooser2/commit/9c9f2c317f3de5ece60a3ae28c371e9796e3909b | Patch Third Party Advisory |
https://github.com/fracpete/vfsjfilechooser2/issues/7 | Exploit Issue Tracking Third Party Advisory |
https://github.com/fracpete/vfsjfilechooser2/releases/tag/vfsjfilechooser2-0.2.9 | Release Notes Third Party Advisory |
https://github.com/yetingli/PoCs/blob/main/CVE-2021-29061/Vfsjfilechooser2.md | Exploit Patch Third Party Advisory |
https://github.com/yetingli/SaveResults/blob/main/md/vfsjfilechooser2.md | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-21T19:46:22
Updated: 2021-06-21T19:46:22
Reserved: 2021-03-22T00:00:00
Link: CVE-2021-29061
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-21T20:15:09.437
Modified: 2021-06-25T01:49:41.000
Link: CVE-2021-29061
JSON object: View
Redhat Information
No data.
CWE