CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

86 matches found

OSV•added 2021/07/12 4:58 p.m.•38 views

GHSA-JXHC-Q857-3J6G Regular Expression Denial of Service in Addressable templates

Impact Within the URI template implementation in Addressable, a maliciously crafted template may result in uncontrolled resource consumption, leading to denial of service when matched against a URI. In typical usage, templates would not normally be read from untrusted user input, but nonetheless,...

7.5CVSS7AI score0.02533EPSS

Exploits0References10

Github Security Blog•added 2021/07/12 4:58 p.m.•66 views

Regular Expression Denial of Service in Addressable templates

7.5CVSS7AI score0.02533EPSS

Exploits0References9Affected Software1

RubySec•added 2021/07/12 12:0 a.m.•28 views

Regular Expression Denial of Service in Addressable templates

Within the URI template implementation in Addressable, a maliciously crafted template may result in uncontrolled resource consumption, leading to denial of service when matched against a URI. In typical usage, templates would not normally be read from untrusted user input, but nonetheless, no...

7.5CVSS6.5AI score0.02533EPSS

Exploits0References1Affected Software1

Veracode•added 2021/07/11 6:21 p.m.•6 views

Denial Of Service (DoS)

Addressable is vulnerable to Denial Of Service DoS attacks. A maliciously crafted template may result in uncontrolled resource consumption, leading to denial of service conditions when matched against a URI...

7.5CVSS7.2AI score0.02533EPSS

Exploits0References7Affected Software2

RedhatCVE•added 2021/07/06 7:16 p.m.•67 views

CVE-2021-32740

A resource-consumption vulnerability was found in rubygem addressable, where its URI template implementation could allow an attacker's crafted template to consume resources, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Mitigation Create...

7.5CVSS2.5AI score0.02533EPSS

Exploits0References4

Snyk•added 2021/07/06 3:44 p.m.•1 views

Regular Expression Denial of Service (ReDoS)

Overview addressable is an is an alternative implementation to the URI implementation that is part of Ruby's standard library. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS within the URI template implementation. A maliciously crafted template may...

7.5CVSS6.8AI score0.02533EPSS

Exploits0References2

OSV•added 2021/07/06 3:15 p.m.•1 views

DEBIAN-CVE-2021-32740

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template implementation in Addressable, a maliciously crafted templat...

7.5CVSS7.3AI score0.02533EPSS

Exploits0References1

OSV•added 2021/07/06 3:15 p.m.•21 views

CVE-2021-32740

7.5CVSS6.7AI score

Exploits0References4

NVD•added 2021/07/06 3:15 p.m.•12 views

CVE-2021-32740

7.5CVSS0.02533EPSS

Exploits0References4

OSV•added 2021/07/06 3:15 p.m.•0 views

UBUNTU-CVE-2021-32740

7.5CVSS7.1AI score0.02533EPSS

Exploits0References5

UbuntuCve•added 2021/07/06 3:15 p.m.•33 views

CVE-2021-32740

7.5CVSS7AI score0.02533EPSS

Exploits0References4

Prion•added 2021/07/06 3:15 p.m.•19 views

Design/Logic Flaw

5CVSS7.3AI score0.02533EPSS

Exploits0References4Affected Software2

Debian CVE•added 2021/07/06 2:15 p.m.•29 views

CVE-2021-32740

7.5CVSS7.6AI score0.02533EPSS

Exploits0

Cvelist•added 2021/07/06 2:15 p.m.•20 views

CVE-2021-32740 Regular Expression Denial of Service in Addressable templates

7.5CVSS7.7AI score0.02533EPSS

Exploits0References4

CVE•added 2021/07/06 2:15 p.m.•204 views

CVE-2021-32740

Addressable's URI template engine is vulnerable to Denial of Service via catastrophic backtracking when processing malicious templates. The issue exists in versions 2.3.0 through 2.7.0 and is fixed in 2.8.0. Affected software: ruby-addressableRoot cause: flawed URI template matching leading to un...

7.5CVSS7.5AI score0.02533EPSS

Exploits0References4Affected Software1

AlpineLinux•added 2021/07/06 2:15 p.m.•45 views

CVE-2021-32740

7.5CVSS7.6AI score0.02533EPSS

Exploits0

ArchLinux•added 2021/07/06 12:0 a.m.•187 views

[ASA-202107-19] ruby-addressable: denial of service

Arch Linux Security Advisory ASA-202107-19 ========================================== Severity: Medium Date : 2021-07-06 CVE-ID : CVE-2021-32740 Package : ruby-addressable Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2136 Summary ======= The package...

7.5CVSS1.2AI score0.02533EPSS

Exploits0References4

GitLab Advisory Database•added 2021/07/06 12:0 a.m.•30 views

Uncontrolled Resource Consumption

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists Within the URI template implementation in Addressable, a maliciously crafted template may result in uncontrolled resource...

7.5CVSS2.3AI score0.02533EPSS

Exploits0References1Affected Software1

CNNVD•added 2021/07/03 12:0 a.m.•1 views

Addressable资源管理错误漏洞

Addressable is an application. alternative implementation of the URI implementation, which is part of the Ruby Standard Library. A security vulnerability exists in Addressable that stems from a maliciously crafted URI template implementation in Addressable that could lead to uncontrolled resource...

7.5CVSS7.3AI score0.02533EPSS

Exploits0References10

Akamai Blog•added 2019/10/11 8:0 p.m.•116 views

How to Scale Addressable Advertising with Low Latency for Live Streaming

Written by: David Springfall, Founder and CTO of Yospace Under David's technical and strategic leadership, Yospace pioneered server-side ad insertion and established itself as the global leader in OTT stream monetisation. The Yospace technology supports full one-to-one personalisation and provide...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by