You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus the remote server can trigger Denial of Service.
CVE-2021-27293 - High Severity Vulnerability
Vulnerable Library - restsharp.105.1.0.nupkg
Simple REST and HTTP API Client
Library home page: https://api.nuget.org/packages/restsharp.105.1.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: e7f778824724811f04d4330e6762202605f74556
Found in base branch: master
Vulnerability Details
RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus the remote server can trigger Denial of Service.
Publish Date: 2021-07-12
URL: CVE-2021-27293
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: GHSA-9pq7-rcxv-47vq
Release Date: 2021-07-12
Fix Resolution: RestSharp - 106.11.8-alpha.0.13
The text was updated successfully, but these errors were encountered: