CVE-2021-27293

RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus the remote server can trigger Denial of Service.
References
Configurations

Configuration 1

cpe:2.3:a:restsharp:restsharp:*:*:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.10:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.11:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.12:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.2:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.3:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.4:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.6:*:*:*:*:*:*
cpe:2.3:a:restsharp:restsharp:106.11.8:alpha0.7:*:*:*:*:*:*

Information

Published : 2021-07-12 11:15

Updated : 2021-09-09 12:43


NVD link : CVE-2021-27293

Mitre link : CVE-2021-27293

Products Affected
No products.
CWE