PT-2024-10796 · Knwl.Js · Knwl.Js

Erik Krogh Kristensen · Published 2024-10-26 · Updated 2024-10-28 · CVE-2020-26306

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/U:Green

Name of the Vulnerable Software and Affected Versions

Knwl.js versions 1.0.2 and prior

Description

The issue is a Regular Expression Denial of Service (ReDoS) in the Knwl.js library, which parses text to extract information such as dates, times, phone numbers, and more. No information is provided about the estimated number of potentially affected devices or about real-world incidents in which this issue was exploited.

Recommendations

For versions 1.0.2 and prior, there is currently no information about a newer version that contains a fix for this vulnerability.

DoS

Weakness Enumeration

Related Identifiers

CVE-2020-26306
GHSA-68QG-G787-3RP5

Affected Products

Knwl.Js