Lucene search
1040 matches found

OSV
added 2013/10/17 11:55 p.m., 3 views

DEBIAN-CVE-2013-4363

Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CP...

CVSS 4.3, AI score 6.6, EPSS 0.0169
Exploits: 0, References: 1
OSV
added 2013/10/17 11:55 p.m., 2 views

DEBIAN-CVE-2013-4287

Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU...

CVSS 4.3, AI score 7.7, EPSS 0.03343
Exploits: 0, References: 1
UbuntuCve
added 2013/10/17 11:55 p.m., 38 views

CVE-2013-4287

Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU...

CVSS 4.3, AI score 7.2, EPSS 0.03343
Exploits: 0, References: 1
OSV
added 2013/10/09 10:29 p.m., 10 views

MGASA-2013-0297 Updated ruby-RubyGems package fixes security vulnerabilities

Updated ruby-RubyGems package fixes security vulnerability: RubyGems validates versions with a regular expression that is vulnerable to denial of service due to a backtracking regular expression. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption...

CVSS 4.3, AI score 6, EPSS 0.03343
Exploits: 0, References: 6
FreeBSD
added 2013/09/24 12:0 a.m., 30 views

ruby-gems -- Algorithmic Complexity Vulnerability

Ruby Gem developers report: The patch for CVE-2013-4363 was insufficiently verified so the combined regular expression for verifying gem version remains vulnerable following CVE-2013-4363. RubyGems validates versions with a regular expression that is vulnerable to denial of service due to...

CVSS 4.3, AI score 6.1, EPSS 0.0169
Exploits: 0
Prion
added 2009/10/13 10:30 a.m., 16 views

Design/Logic Flaw

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField email address or (2) URLField URL that triggers a large amount of backtracking in a regular...

CVSS 5, AI score 6.6, EPSS 0.03686
Exploits: 0, References: 10, Affected Software: 1
OpenVAS
added 2009/03/23 12:0 a.m., 23 views

Ubuntu Update for icu vulnerabilities USN-591-1

Ubuntu Update for Linux kernel vulnerabilities USN-591-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5911.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for icu vulnerabilities USN-591-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

CVSS 9.3, AI score 0.6, EPSS 0.02819
Exploits: 0, References: 2
RedHat Linux
added 2008/10/21 2:52 p.m., 5 views

ruby: WEBrick DoS vulnerability (CPU consumption)

Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...

CVSS 7.8, AI score 7.1, EPSS 0.70202
Exploits: 3, References: 4
FreeBSD
added 2008/08/08 12:0 a.m., 31 views

ruby -- DoS vulnerability in WEBrick

The official ruby site reports: WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.split_header_value...

CVSS 7.8, AI score 6.7, EPSS 0.70202
Exploits: 6, References: 1
OSV
added 2008/01/29 12:0 a.m., 1 views

DEBIAN-CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that...

CVSS 9.3, AI score 7.7, EPSS 0.02538
Exploits: 0, References: 1
RedHat Linux
added 2008/01/25 1:28 p.m., 6 views

libicu incomplete interval handling

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that...

CVSS 9.3, AI score 7.7, EPSS 0.02538
Exploits: 0, References: 4
UbuntuCve
added 2007/11/07 11:46 p.m., 27 views

CVE-2007-1661

Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d...

CVSS 6.4, AI score 5.9, EPSS 0.02492
Exploits: 0, References: 2
OSV
added 2007/11/07 11:46 p.m., 2 views

DEBIAN-CVE-2007-1661

Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d...

CVSS 6.4, AI score 6.3, EPSS 0.02492
Exploits: 0, References: 1
Tenable Nessus
added 2007/02/15 12:0 a.m., 16 views

GLSA-200702-03 : Snort: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200702-03 (Snort: Denial of Service). Randy Smith, Christian Estan and Somesh Jha discovered that the rule matching algorithm of Snort can be exploited in a way known as a 'backtracking attack' to perform numerous time-consuming...

CVSS 5, AI score 5.6, EPSS 0.02312
Exploits: 0, References: 2
Gentoo Linux
added 2007/02/13 12:0 a.m., 32 views

Snort: Denial of service

Background: Snort is a widely deployed intrusion detection program. Description: Randy Smith, Christian Estan and Somesh Jha discovered that the rule matching algorithm of Snort can be exploited in a way known as a "backtracking attack" to perform numerous time-consuming operations. Impact: A remote...

CVSS 5, AI score 6.3, EPSS 0.02312
Exploits: 0
UbuntuCve
added 2007/01/16 11:28 p.m., 20 views

CVE-2006-6931

Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking attack."...

CVSS 5, AI score 5.8, EPSS 0.02312
Exploits: 0, References: 1
Debian CVE
added 2007/01/16 11:0 p.m., 22 views

CVE-2006-6931

Removed by vendor...

CVSS 5, AI score 6.7, EPSS 0.02312
Exploits: 0
securityvulns
added 2000/10/10 12:0 a.m., 29 views

Hole in MasterIndex

Reverse directory traversal allows access to arbitrary files...

AI score 0.8
Exploits: 0, References: 1
Friends Of PHP
added 1970/01/01 12:0 a.m., 10 views

CVE-2026-45305: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex

More info at https://symfony.com/cve-2026-45305...

AI score 5.8, EPSS 0.00076
Exploits: 0, Affected Software: 1
Friends Of PHP
added 1970/01/01 12:0 a.m., 11 views

CVE-2026-45305: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex

More info at https://symfony.com/cve-2026-45305...

AI score 5.8, EPSS 0.00076
Exploits: 0, Affected Software: 1