Cleo Security Vulnerabilities

CVE-2022-42966

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows...

CVE-2014-7414

The CLEO Malaysia (aka com.magzter.cleomalaysia) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...