CVE-2021-27293

Incorrect Comparison in nuget/RestSharp

Identifier

CVE-2021-27293

Package Slug

nuget/RestSharp

Vulnerability

Incorrect Comparison

Description

RestSharp uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus the remote server can trigger Denial of Service.

Affected Versions

All versions up to 106.11.8

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-07-15

source