VYPR

CWE-625

Permissive Regular Expression

Base (Draft)

Description

The product uses a regular expression that does not sufficiently restrict the set of allowed values.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (5)

  • CVE-2018-8926 (High) Jun 8, 2018
    risk 0.57, CVSS 8.8, EPSS 0.02

    Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter.

  • CVE-2026-37737 (Medium) Jun 5, 2026
    risk 0.42, CVSS 6.5, EPSS 0.00

    sanic-cors version 2.2.0 and prior contains an improper regular expression in the try_match() function in sanic_cors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted…

  • CVE-2023-6544 (Medium) Apr 25, 2024
    risk 0.35, CVSS 5.4, EPSS 0.01

    A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this…

  • CVE-2026-34830 (Medium) Apr 2, 2026
    risk 0.31, CVSS 5.9, EPSS 0.00

    Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Sendfile#map_accel_path interpolates the value of the X-Accel-Mapping request header directly into a regular expression when rewriting file paths for X-Accel-Redirect. Because the…

  • CVE-2026-34763 (Medium) Apr 2, 2026
    risk 0.27, CVSS 5.3, EPSS 0.00

    Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Directory interpolates the configured root path directly into a regular expression when deriving the displayed directory path. If root contains regex metacharacters such as +, *, or…