Yeting Li

icon indicating a website link https://yetingli.github.io/

icon company IIE CAS icon location Beijing, China

Results 4 issues of Yeting Li

Vulnerable Regular Expressions in omi

**Type of Issue** Potential Regex Denial of Service (ReDoS) **Description** Here are three regular expressions with ReDos vulnerabilities, as shown below. 1. `regex1 = /( +)[^:]+::/` [location](https://github.com/Tencent/omi/blob/375c07e0ab0e417ebf684548e6ab4ae2770ecfbd/packages/omi-cli/template/md2site/public/highlight/prism.js#L140) The ReDOS vulnerability...

ReDoS in node-ical

7 comment

Hey Jens, Recently I found a potential ReDoS vulnerability inside `node-ical` and provided some proper examples. You can access the vulnerability details at [huntr](https://www.huntr.dev/bounties/aa67e7d3-666e-4f34-9009-d4d1ae124863/). Please feel free to get in...

fix the regular expression in parseURI

Reimplemented trimming trailing whitespace

Vulnerable Regular Expressions in YADA

**Type of Issue** Potential Regex Denial of Service (ReDoS) **Description** The vulnerable regular expression is located in https://github.com/Novartis/YADA/blob/1b12922c632b6b67d869b2a78f31512a252dd812/yada-api/src/main/java/com/novartis/opensource/yada/io/VCFHelper.java#L49 The regex can be exploited with the following string `##INFO=