Cyber Resilience

CVE-2021-4305

Low

Published: 05 January 2023

Published
05 January 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
EPSS Score 0.0049 66.1th percentile
Risk Priority 7 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-4305 is a low-severity Inefficient Regular Expression Complexity (CWE-1333) vulnerability in Bridgeline Robots-Txt-Guard. Its CVSS base score is 3.5 (Low).

Operationally, ranked in the top 33.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

A vulnerability was found in Woorank robots-txt-guard. It has been rated as problematic. Affected by this issue is the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression complexity. The exploit has…

more

been disclosed to the public and may be used. The name of the patch is c03827cd2f9933619c23894ce7c98401ea824020. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217448.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

bridgeline
robots-txt-guard
≤ 2021-02-07

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References