1040 matches found
DEBIAN-CVE-2013-4363
Algorithmic complexity vulnerability in Gem::Version::ANCHOREDVERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CP...
DEBIAN-CVE-2013-4287
Algorithmic complexity vulnerability in Gem::Version::VERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CPU...
CVE-2013-4287
Algorithmic complexity vulnerability in Gem::Version::VERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CPU...
MGASA-2013-0297 Updated ruby-RubyGems package fixes security vulnerabilies
Updated ruby-RubyGems package fixes security vulnerability: RubyGems validates versions with a regular expression that is vulnerable to denial of service due to a backtracking regular expression. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption...
ruby-gems -- Algorithmic Complexity Vulnerability
Ruby Gem developers report: The patch for CVE-2013-4363 was insufficiently verified so the combined regular expression for verifying gem version remains vulnerable following CVE-2013-4363. RubyGems validates versions with a regular expression that is vulnerable to denial of service due to...
Design/Logic Flaw
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
Ubuntu Update for icu vulnerabilities USN-591-1
Ubuntu Update for Linux kernel vulnerabilities USN-591-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5911.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for icu vulnerabilities USN-591-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
ruby: WEBrick DoS vulnerability (CPU consumption)
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
ruby -- DoS vulnerability in WEBrick
The official ruby site reports: WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.splitheadervalue...
DEBIAN-CVE-2007-4771
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...
libicu incomplete interval handling
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...
CVE-2007-1661
Perl-Compatible Regular Expression PCRE library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service crash, as demonstrated by the "\X?\d...
DEBIAN-CVE-2007-1661
Perl-Compatible Regular Expression PCRE library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service crash, as demonstrated by the "\X?\d...
GLSA-200702-03 : Snort: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200702-03 Snort: Denial of Service Randy Smith, Christian Estan and Somesh Jha discovered that the rule matching algorithm of Snort can be exploited in a way known as a 'backtracking attack' to perform numerous time-consuming...
Snort: Denial of service
Background Snort is a widely deployed intrusion detection program. Description Randy Smith, Christian Estan and Somesh Jha discovered that the rule matching algorithm of Snort can be exploited in a way known as a "backtracking attack" to perform numerous time-consuming operations. Impact A remote...
CVE-2006-6931
Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service CPU consumption and detection outage via crafted network traffic, aka a "backtracking attack."...
CVE-2006-6931
Removed by vendor...
Дырка в MasterIndex
Обратный путь в директориях позволяет доступ к любым файлам...
CVE-2026-45305: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex
More info at https://symfony.com/cve-2026-45305...
CVE-2026-45305: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex
More info at https://symfony.com/cve-2026-45305...