Home > Vulnerability Database > CVE-2020-26304

Mend.io Vulnerability Database

CVE-2020-26304

Good to know:

Date: October 26, 2024

Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any fixes are available.

Language: HTML

Severity Score

7.5

Related Resources (6)

Url: https://securitylab.github.com/advisories/GHSL-2020-290-redos-foundation-sites

Url: https://github.com/foundation/foundation-sites

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-26304

Url: https://github.com/foundation/foundation-sites/issues/12180

Url: https://securitylab.github.com/advisories/GHSL-2020-290-redos-foundation-sites/

Url: https://www.mend.io/vulnerability-database/CVE-2020-26304

Severity Score

7.5

Weakness Type (CWE)

Inefficient Regular Expression Complexity

CWE-1333

Top Fix

Upgrade Version

Upgrade to version no_fix

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2020-26304

Good to know:

Date: October 26, 2024

Language: HTML

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?