Lucene search
K

91 matches found

Cvelist
Cvelist
added 2022/11/09 12:0 a.m.19 views

CVE-2022-42965 Exponential ReDoS in snowflake-connector-python leads to denial of service

An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...

3.7CVSS7.7AI score0.00816EPSS
Exploits1References1
OSV
OSV
added 2022/11/09 12:0 a.m.1 views

CVE-2022-42965 Exponential ReDoS in snowflake-connector-python leads to denial of service

An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...

3.7CVSS7.2AI score0.00816EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/11/09 12:0 a.m.4 views

PT-2022-26685 · Pypi · Cleo

Name of the Vulnerable Software and Affected Versions: cleo affected versions not specified Description: An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package when an attacker is able to supply arbitrary input to the Table.set rows method...

7.5CVSS7.3AI score0.00909EPSS
Exploits1References13
Debian CVE
Debian CVE
added 2022/11/09 12:0 a.m.19 views

CVE-2022-42964

An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...

7.5CVSS7.4AI score0.00816EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2022/10/25 12:0 a.m.6 views

CVE-2022-35739

PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets CSS data is inserted into the style tag, loading...

5.1AI score0.00726EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.5 views

Aruba Networks ClearPass Policy Manager 跨站请求伪造漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager versions 6.10.x through 6.10.6 and 6.9.x through 6.9.11. An attacker could...

8.8CVSS8.3AI score0.00399EPSS
Exploits0References2
OSV
OSV
added 2022/08/25 12:0 a.m.17 views

GHSA-CHW2-6C7R-37P7 uri-template-lite Regular Expression Denial of Service

An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...

5.9CVSS7.5AI score0.00856EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/08/25 12:0 a.m.30 views

uri-template-lite Regular Expression Denial of Service

An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...

7.5CVSS7.4AI score0.00856EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2022/08/24 4:15 p.m.15 views

Design/Logic Flaw

An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...

5CVSS7.5AI score0.00856EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/08/24 3:48 p.m.32 views

CVE-2021-43309 ReDoS in uri-template-lite URI.expand function

An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...

5.9CVSS7.7AI score0.00856EPSS
Exploits1References2
OSV
OSV
added 2022/08/23 12:0 a.m.3 views

GHSA-V65G-F3CJ-FJP4 Regular expression denial of service in eth-account

An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...

5.9CVSS6AI score0.0078EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/08/22 7:15 p.m.6 views

CVE-2022-1930

An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...

7.5CVSS7.2AI score0.0078EPSS
Exploits1References2
Prion
Prion
added 2022/08/22 7:15 p.m.20 views

Security feature bypass

An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...

5CVSS7.5AI score0.0078EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/08/22 12:0 a.m.4 views

PT-2022-4437

Name of the Vulnerable Software and Affected Versions eth-account affected versions not specified Description The issue is related to an exponential ReDoS Regular Expression Denial of Service that can be triggered in the eth-account PyPI package. This occurs when an attacker is able to supply...

7.8CVSS7.2AI score0.0078EPSS
Exploits1References13
Debian CVE
Debian CVE
added 2022/07/14 7:30 p.m.11 views

CVE-2022-31147

The jQuery Validation Plugin jquery-validation provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service ReDoS when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

7.5CVSS7.7AI score0.01562EPSS
Exploits1
OSV
OSV
added 2022/06/03 12:1 a.m.16 views

GHSA-FP36-299X-PWMW Regular expression denial of service in devcert

An exponential ReDoS Regular Expression Denial of Service can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method...

7.5CVSS6AI score0.006EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/06/03 12:1 a.m.34 views

Regular expression denial of service in markdown-link-extractor

An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...

7.5CVSS4.5AI score0.01027EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/06/03 12:1 a.m.37 views

Regular expression denial of service in semver-regex

An exponential ReDoS Regular Expression Denial of Service can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...

7.5CVSS4.5AI score0.01455EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/06/03 12:1 a.m.19 views

GHSA-MMH6-M7V9-5956 Regular expression denial of service in markdown-link-extractor

An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...

7.5CVSS7.4AI score0.01027EPSS
Exploits1References3
OSV
OSV
added 2022/06/03 12:1 a.m.1 views

GHSA-4X5V-GMQ8-25CH Regular expression denial of service in semver-regex

An exponential ReDoS Regular Expression Denial of Service can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...

7.5CVSS7.2AI score0.01455EPSS
Exploits1References4
Rows per page
Query Builder