1033 matches found
PT-2024-35355 · Giskard · Giskard
Name of the Vulnerable Software and Affected Versions: Giskard versions prior to 2.15.5 Description: A Remote Code Execution ReDoS vulnerability was discovered in the Giskard component. This issue can trigger exponential regex evaluation times when processing datasets with specific text patterns,...
Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2024-757)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-757 advisory. There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted...
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
A regular expression denial of service ReDos vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive...
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
A regular expression denial of service ReDos vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive...
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
A regular expression denial of service ReDos vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive...
RHEL 9 : python3.11 (RHSA-2024:9450)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9450 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
Regular Expression Denial Of Service (ReDoS)
Foundation is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to the use of inefficient or poorly optimized regular expressions, allows an attacker for excessive backtracking, which can be exploited in a ReDoS attack to overwhelm the system with resource-intensi...
Regular Expression Denial Of Service (ReDoS)
Validate.js is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to certain regular expressions in Validate.js that can enter catastrophic backtracking, when the regex engine takes an excessive amount of time to evaluate certain input patterns, allowing attackers ...
Moderate: Red Hat Security Advisory: python39:3.9 security update
An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated...
SUSE CVE-2023-52920
In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10...
RHEL 8 : python39:3.9 (RHSA-2024:8797)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8797 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
CVE-2023-52920
In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10...
DEBIAN-CVE-2023-52920
In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10...
AZL-52308 CVE-2023-52920 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10...
UBUNTU-CVE-2023-52920
In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10...
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
A regular expression denial of service ReDos vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive...
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
A regular expression denial of service ReDos vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive...
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
A regular expression denial of service ReDos vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive...
AlmaLinux 9 : python3.9 (ALSA-2024:8446)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8446 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...
RockyLinux 9 : python3.9 (RLSA-2024:8446)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:8446 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directl...