CWE-625
Permissive Regular Expression
Description
The product uses a regular expression that does not sufficiently restrict the set of allowed values.
This effectively causes the regexp to accept substrings that match the pattern, which produces a partial comparison to the target. In some cases, this can lead to other weaknesses. Common errors include:
- not identifying the beginning and end of the target string
- using wildcards instead of acceptable character ranges
- others
Parent Weaknesses (ChildOf)
Related Weaknesses
Common Consequences
Scope
Impact
Bypass Protection Mechanism
Potential Mitigations
When applicable, ensure that the regular expression marks beginning and ending string patterns, such as "/^string$/" for Perl.
Observed Examples
CVE-2021-22204: Chain: regex in EXIF processor code does not correctly determine where a string ends (CWE-625), enabling eval injection (CWE-95), as exploited in the wild per CISA KEV.
CVE-2006-1895: ".*" regexp leads to static code injection.
CVE-2002-2175: insertion of username into regexp results in partial comparison, causing wrong database entry to be updated when one username is a substring of another.
CVE-2006-4527: regexp intended to verify that all characters are legal only checks that at least one is legal, enabling file inclusion.
CVE-2005-1949: regexp for IP address isn't anchored at the end, allowing appending of shell metacharacters.
CVE-2002-2109: regexp isn't "anchored" to the beginning or end, which allows spoofed values that have trusted values as substrings.
CVE-2006-6511: regexp in .htaccess file allows access of files whose names contain certain substrings.
CVE-2006-6629: allows loading of macro files whose names contain certain substrings.
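The following is an added example, not part of the CWE entry, that puts the mitigation above and two of the observed-example patterns side by side in Python: an unanchored "IP address" check that accepts trailing shell metacharacters (the CVE-2005-1949 shape), and a single-character class that only proves one character is legal rather than all of them (the CVE-2006-4527 shape). The function names, patterns and sample inputs are constructed for illustration. It also shows a Python-specific caveat: "$" matches before a trailing newline, so "^...$" with re.match is not fully anchored; re.fullmatch (or "\A...\Z") is.

```python
import re

# Constructed sample inputs (not from the CWE entry) for an "IP address" field.
SAMPLES = [
    "10.0.0.1",         # clean value
    "10.0.0.1; id",     # trailing shell metacharacters (CVE-2005-1949 shape)
    "x10.0.0.1",        # leading junk
    "10.0.0.1\n",       # trailing newline
]

# The dotted-quad pattern is deliberately simple (no 0-255 range check):
# the point here is anchoring, not full IP validation.
DOTTED_QUAD = r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"

# Permissive: no anchors, and re.search accepts any string that merely
# *contains* an address-looking substring (the partial comparison CWE-625 describes).
PERMISSIVE_IP = re.compile(DOTTED_QUAD)

def permissive_is_ip(value: str) -> bool:
    return PERMISSIVE_IP.search(value) is not None

# Looks anchored, but in Python "$" also matches just before a trailing
# newline, so "10.0.0.1\n" still passes. This is the pitfall, not the fix.
DOLLAR_ANCHORED_IP = re.compile(r"^" + DOTTED_QUAD + r"$")

def dollar_anchored_is_ip(value: str) -> bool:
    return DOLLAR_ANCHORED_IP.match(value) is not None

# Strict: re.fullmatch requires the entire string to match the pattern.
def strict_is_ip(value: str) -> bool:
    return PERMISSIVE_IP.fullmatch(value) is not None

# "At least one legal character" vs "all characters legal" (CVE-2006-4527 shape).
# The unanchored single-character class matches if ANY character is legal;
# the quantified class under fullmatch demands that EVERY character is.
PERMISSIVE_NAME = re.compile(r"[A-Za-z0-9_]")
STRICT_NAME = re.compile(r"[A-Za-z0-9_]+")

def permissive_is_name(value: str) -> bool:
    return PERMISSIVE_NAME.search(value) is not None

def strict_is_name(value: str) -> bool:
    return STRICT_NAME.fullmatch(value) is not None

def compare(values):
    """Return {value: (permissive, dollar_anchored, strict)} for each sample."""
    return {
        v: (permissive_is_ip(v), dollar_anchored_is_ip(v), strict_is_ip(v))
        for v in values
    }

if __name__ == "__main__":
    for value, verdicts in compare(SAMPLES).items():
        print(repr(value), "permissive=%s dollar=%s strict=%s" % verdicts)
    for name in ("config_1", "../etc/passwd"):
        print(repr(name), "permissive=%s strict=%s"
              % (permissive_is_name(name), strict_is_name(name)))
```

Only the strict variants reject every malformed sample; the "$"-anchored one is a reminder that the anchoring idiom differs between engines, so the fix should be verified with a trailing-newline test case in whatever language the validator is written in.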
Applicable Platforms