| Title | chinese-poetry <=v0.1 Inefficient Regular Expression Complexity |
|---|
| Description | I have identified a Regular Expression Denial of Service (ReDoS) vulnerability in the rank/server.js file. The regular expression used to strip <script> and <style> tags can be exploited with a maliciously crafted string, causing the Node.js event loop to block and leading to a Denial of Service. |
|---|
| Source | ⚠️ https://github.com/chinese-poetry/chinese-poetry/issues/396 |
|---|
| User | DayShift (UID 80963) |
|---|
| Submission | 07/05/2025 10:16 (12 months ago) |
|---|
| Moderation | 07/13/2025 09:50 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316277 [chinese-poetry 0.1 rank/server.js redos] |
|---|
| Points | 18 |
|---|