Vulnerability Details CVE-2021-23446
The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in Handsontable.helper.isNumeric function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/handsontable/handsontable/issues/8752
- https://github.com/handsontable/handsontable/pull/8742
- https://snyk.io/vuln/SNYK-DOTNET-HANDSONTABLE-1726793
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1726795
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1726796
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBHANDSONTABLE-1726794
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1726797
- https://snyk.io/vuln/SNYK-JS-HANDSONTABLE-1726770
- https://github.com/handsontable/handsontable/issues/8752
- https://github.com/handsontable/handsontable/pull/8742
- https://snyk.io/vuln/SNYK-DOTNET-HANDSONTABLE-1726793
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1726795
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1726796
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBHANDSONTABLE-1726794
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1726797
- https://snyk.io/vuln/SNYK-JS-HANDSONTABLE-1726770
Products affected by CVE-2021-23446
-
cpe:2.3:a:handsontable:handsontable:-
-
cpe:2.3:a:handsontable:handsontable:0.10.0
-
cpe:2.3:a:handsontable:handsontable:0.10.1
-
cpe:2.3:a:handsontable:handsontable:0.10.2
-
cpe:2.3:a:handsontable:handsontable:0.10.3
-
cpe:2.3:a:handsontable:handsontable:0.10.4
-
cpe:2.3:a:handsontable:handsontable:0.10.5
-
cpe:2.3:a:handsontable:handsontable:0.11.0
-
cpe:2.3:a:handsontable:handsontable:0.11.1
-
cpe:2.3:a:handsontable:handsontable:0.11.2
-
cpe:2.3:a:handsontable:handsontable:0.11.3
-
cpe:2.3:a:handsontable:handsontable:0.11.4
-
cpe:2.3:a:handsontable:handsontable:0.12.0
-
cpe:2.3:a:handsontable:handsontable:0.12.1
-
cpe:2.3:a:handsontable:handsontable:0.12.2
-
cpe:2.3:a:handsontable:handsontable:0.12.3
-
cpe:2.3:a:handsontable:handsontable:0.12.4
-
cpe:2.3:a:handsontable:handsontable:0.12.5
-
cpe:2.3:a:handsontable:handsontable:0.12.6
-
cpe:2.3:a:handsontable:handsontable:0.13.0
-
cpe:2.3:a:handsontable:handsontable:0.13.1
-
cpe:2.3:a:handsontable:handsontable:0.14.0
-
cpe:2.3:a:handsontable:handsontable:0.14.1
-
cpe:2.3:a:handsontable:handsontable:0.15.0
-
cpe:2.3:a:handsontable:handsontable:0.15.1
-
cpe:2.3:a:handsontable:handsontable:0.16.0
-
cpe:2.3:a:handsontable:handsontable:0.16.1
-
cpe:2.3:a:handsontable:handsontable:0.17.0
-
cpe:2.3:a:handsontable:handsontable:0.18.0
-
cpe:2.3:a:handsontable:handsontable:0.19.0
-
cpe:2.3:a:handsontable:handsontable:0.20.0
-
cpe:2.3:a:handsontable:handsontable:0.20.1
-
cpe:2.3:a:handsontable:handsontable:0.20.2
-
cpe:2.3:a:handsontable:handsontable:0.20.3
-
cpe:2.3:a:handsontable:handsontable:0.21.0
-
cpe:2.3:a:handsontable:handsontable:0.22.0
-
cpe:2.3:a:handsontable:handsontable:0.23.0
-
cpe:2.3:a:handsontable:handsontable:0.24.0
-
cpe:2.3:a:handsontable:handsontable:0.24.1
-
cpe:2.3:a:handsontable:handsontable:0.24.2
-
cpe:2.3:a:handsontable:handsontable:0.24.3
-
cpe:2.3:a:handsontable:handsontable:0.25.0
-
cpe:2.3:a:handsontable:handsontable:0.25.1
-
cpe:2.3:a:handsontable:handsontable:0.26.0
-
cpe:2.3:a:handsontable:handsontable:0.26.1
-
cpe:2.3:a:handsontable:handsontable:0.27.0
-
cpe:2.3:a:handsontable:handsontable:0.28.0
-
cpe:2.3:a:handsontable:handsontable:0.28.1
-
cpe:2.3:a:handsontable:handsontable:0.28.2
-
cpe:2.3:a:handsontable:handsontable:0.28.3
-
cpe:2.3:a:handsontable:handsontable:0.28.4
-
cpe:2.3:a:handsontable:handsontable:0.29.0
-
cpe:2.3:a:handsontable:handsontable:0.29.1
-
cpe:2.3:a:handsontable:handsontable:0.29.2
-
cpe:2.3:a:handsontable:handsontable:0.30.0
-
cpe:2.3:a:handsontable:handsontable:0.30.1
-
cpe:2.3:a:handsontable:handsontable:0.31.0
-
cpe:2.3:a:handsontable:handsontable:0.31.1
-
cpe:2.3:a:handsontable:handsontable:0.31.2
-
cpe:2.3:a:handsontable:handsontable:0.32.0
-
cpe:2.3:a:handsontable:handsontable:0.33.0
-
cpe:2.3:a:handsontable:handsontable:0.34.0
-
cpe:2.3:a:handsontable:handsontable:0.34.1
-
cpe:2.3:a:handsontable:handsontable:0.34.2
-
cpe:2.3:a:handsontable:handsontable:0.34.3
-
cpe:2.3:a:handsontable:handsontable:0.34.4
-
cpe:2.3:a:handsontable:handsontable:0.34.5
-
cpe:2.3:a:handsontable:handsontable:0.35.0
-
cpe:2.3:a:handsontable:handsontable:0.35.1
-
cpe:2.3:a:handsontable:handsontable:0.36.0
-
cpe:2.3:a:handsontable:handsontable:0.37.0
-
cpe:2.3:a:handsontable:handsontable:0.38.0
-
cpe:2.3:a:handsontable:handsontable:0.38.1
-
cpe:2.3:a:handsontable:handsontable:0.4.0
-
cpe:2.3:a:handsontable:handsontable:0.4.1
-
cpe:2.3:a:handsontable:handsontable:0.4.2
-
cpe:2.3:a:handsontable:handsontable:0.5.0
-
cpe:2.3:a:handsontable:handsontable:0.6.0
-
cpe:2.3:a:handsontable:handsontable:0.7.0
-
cpe:2.3:a:handsontable:handsontable:0.7.1
-
cpe:2.3:a:handsontable:handsontable:0.7.2
-
cpe:2.3:a:handsontable:handsontable:0.7.3
-
cpe:2.3:a:handsontable:handsontable:0.7.4
-
cpe:2.3:a:handsontable:handsontable:0.7.5
-
cpe:2.3:a:handsontable:handsontable:0.8.0
-
cpe:2.3:a:handsontable:handsontable:0.8.1
-
cpe:2.3:a:handsontable:handsontable:0.8.10
-
cpe:2.3:a:handsontable:handsontable:0.8.11
-
cpe:2.3:a:handsontable:handsontable:0.8.12
-
cpe:2.3:a:handsontable:handsontable:0.8.13
-
cpe:2.3:a:handsontable:handsontable:0.8.14
-
cpe:2.3:a:handsontable:handsontable:0.8.15
-
cpe:2.3:a:handsontable:handsontable:0.8.16
-
cpe:2.3:a:handsontable:handsontable:0.8.17
-
cpe:2.3:a:handsontable:handsontable:0.8.18
-
cpe:2.3:a:handsontable:handsontable:0.8.19
-
cpe:2.3:a:handsontable:handsontable:0.8.2
-
cpe:2.3:a:handsontable:handsontable:0.8.20
-
cpe:2.3:a:handsontable:handsontable:0.8.21
-
cpe:2.3:a:handsontable:handsontable:0.8.22
-
cpe:2.3:a:handsontable:handsontable:0.8.23
-
cpe:2.3:a:handsontable:handsontable:0.8.3
-
cpe:2.3:a:handsontable:handsontable:0.8.4
-
cpe:2.3:a:handsontable:handsontable:0.8.5
-
cpe:2.3:a:handsontable:handsontable:0.8.6
-
cpe:2.3:a:handsontable:handsontable:0.8.7
-
cpe:2.3:a:handsontable:handsontable:0.8.8
-
cpe:2.3:a:handsontable:handsontable:0.8.9
-
cpe:2.3:a:handsontable:handsontable:0.9.0
-
cpe:2.3:a:handsontable:handsontable:0.9.1
-
cpe:2.3:a:handsontable:handsontable:0.9.10
-
cpe:2.3:a:handsontable:handsontable:0.9.11
-
cpe:2.3:a:handsontable:handsontable:0.9.12
-
cpe:2.3:a:handsontable:handsontable:0.9.13
-
cpe:2.3:a:handsontable:handsontable:0.9.14
-
cpe:2.3:a:handsontable:handsontable:0.9.15
-
cpe:2.3:a:handsontable:handsontable:0.9.16
-
cpe:2.3:a:handsontable:handsontable:0.9.17
-
cpe:2.3:a:handsontable:handsontable:0.9.18
-
cpe:2.3:a:handsontable:handsontable:0.9.19
-
cpe:2.3:a:handsontable:handsontable:0.9.2
-
cpe:2.3:a:handsontable:handsontable:0.9.3
-
cpe:2.3:a:handsontable:handsontable:0.9.4
-
cpe:2.3:a:handsontable:handsontable:0.9.5
-
cpe:2.3:a:handsontable:handsontable:0.9.6
-
cpe:2.3:a:handsontable:handsontable:0.9.7
-
cpe:2.3:a:handsontable:handsontable:0.9.8
-
cpe:2.3:a:handsontable:handsontable:0.9.9
-
cpe:2.3:a:handsontable:handsontable:1.14.0
-
cpe:2.3:a:handsontable:handsontable:1.14.1
-
cpe:2.3:a:handsontable:handsontable:1.14.2
-
cpe:2.3:a:handsontable:handsontable:1.14.3
-
cpe:2.3:a:handsontable:handsontable:1.15.0
-
cpe:2.3:a:handsontable:handsontable:1.15.1
-
cpe:2.3:a:handsontable:handsontable:1.16.0
-
cpe:2.3:a:handsontable:handsontable:1.17.0
-
cpe:2.3:a:handsontable:handsontable:1.18.0
-
cpe:2.3:a:handsontable:handsontable:1.18.1
-
cpe:2.3:a:handsontable:handsontable:2.0.0
-
cpe:2.3:a:handsontable:handsontable:3.0.0
-
cpe:2.3:a:handsontable:handsontable:4.0.0
-
cpe:2.3:a:handsontable:handsontable:5.0.0
-
cpe:2.3:a:handsontable:handsontable:5.0.1
-
cpe:2.3:a:handsontable:handsontable:5.0.2
-
cpe:2.3:a:handsontable:handsontable:6.0.0
-
cpe:2.3:a:handsontable:handsontable:6.0.1
-
cpe:2.3:a:handsontable:handsontable:6.1.0
-
cpe:2.3:a:handsontable:handsontable:6.1.1
-
cpe:2.3:a:handsontable:handsontable:6.2.0
-
cpe:2.3:a:handsontable:handsontable:6.2.1
-
cpe:2.3:a:handsontable:handsontable:6.2.2
-
cpe:2.3:a:handsontable:handsontable:7.0.0
-
cpe:2.3:a:handsontable:handsontable:7.0.1
-
cpe:2.3:a:handsontable:handsontable:7.0.2
-
cpe:2.3:a:handsontable:handsontable:7.0.3
-
cpe:2.3:a:handsontable:handsontable:7.1.0
-
cpe:2.3:a:handsontable:handsontable:7.1.1
-
cpe:2.3:a:handsontable:handsontable:7.2.0
-
cpe:2.3:a:handsontable:handsontable:7.2.1
-
cpe:2.3:a:handsontable:handsontable:7.2.2
-
cpe:2.3:a:handsontable:handsontable:7.3.0
-
cpe:2.3:a:handsontable:handsontable:7.4.0
-
cpe:2.3:a:handsontable:handsontable:7.4.1
-
cpe:2.3:a:handsontable:handsontable:7.4.2
-
cpe:2.3:a:handsontable:handsontable:8.0.0
-
cpe:2.3:a:handsontable:handsontable:8.1.0
-
cpe:2.3:a:handsontable:handsontable:8.2.0
-
cpe:2.3:a:handsontable:handsontable:8.3.0
-
cpe:2.3:a:handsontable:handsontable:8.3.1
-
cpe:2.3:a:handsontable:handsontable:8.3.2
-
cpe:2.3:a:handsontable:handsontable:8.4.0
-
cpe:2.3:a:handsontable:handsontable:9.0.0
-
cpe:2.3:a:handsontable:handsontable:9.0.1
-
cpe:2.3:a:handsontable:handsontable:9.0.2