91 matches found
CVE-2022-42965 Exponential ReDoS in snowflake-connector-python leads to denial of service
An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...
CVE-2022-42965 Exponential ReDoS in snowflake-connector-python leads to denial of service
An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...
PT-2022-26685 · Pypi · Cleo
Name of the Vulnerable Software and Affected Versions: cleo affected versions not specified Description: An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package when an attacker is able to supply arbitrary input to the Table.set rows method...
CVE-2022-42964
An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...
CVE-2022-35739
PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets CSS data is inserted into the style tag, loading...
Aruba Networks ClearPass Policy Manager 跨站请求伪造漏洞
Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager versions 6.10.x through 6.10.6 and 6.9.x through 6.9.11. An attacker could...
GHSA-CHW2-6C7R-37P7 uri-template-lite Regular Expression Denial of Service
An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...
uri-template-lite Regular Expression Denial of Service
An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...
Design/Logic Flaw
An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...
CVE-2021-43309 ReDoS in uri-template-lite URI.expand function
An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...
GHSA-V65G-F3CJ-FJP4 Regular expression denial of service in eth-account
An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...
CVE-2022-1930
An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...
Security feature bypass
An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...
PT-2022-4437
Name of the Vulnerable Software and Affected Versions eth-account affected versions not specified Description The issue is related to an exponential ReDoS Regular Expression Denial of Service that can be triggered in the eth-account PyPI package. This occurs when an attacker is able to supply...
CVE-2022-31147
The jQuery Validation Plugin jquery-validation provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service ReDoS when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...
GHSA-FP36-299X-PWMW Regular expression denial of service in devcert
An exponential ReDoS Regular Expression Denial of Service can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method...
Regular expression denial of service in markdown-link-extractor
An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...
Regular expression denial of service in semver-regex
An exponential ReDoS Regular Expression Denial of Service can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
GHSA-MMH6-M7V9-5956 Regular expression denial of service in markdown-link-extractor
An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...
GHSA-4X5V-GMQ8-25CH Regular expression denial of service in semver-regex
An exponential ReDoS Regular Expression Denial of Service can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...