1033 matches found
CVE-2024-6232
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives...
AZL-48585 CVE-2024-6232 affecting package python3 for versions less than 3.9.19-5
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives...
AZL-48740 CVE-2024-6232 affecting package tensorflow for versions less than 2.16.1-7
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives...
ALPINE-CVE-2024-6232
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives...
UBUNTU-CVE-2024-6232
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives...
Regular Expression Denial Of Service (ReDoS)
urlregex is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to inefficient handling of regular expressions in the index.js file of the Backtracking component in nescalante urlregex, allowing an attacker to induce performance degradation or resource exhaustion...
GHSA-RW72-V6C7-HF9R ReDoS in urlregex
A vulnerability was found in nescalante urlregex up to 0.5.0 and classified as problematic. This issue affects some unknown processing of the file index.js of the component Backtracking. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The...
CVE-2020-36830 nescalante urlregex Backtracking index.js redos
A vulnerability was found in nescalante urlregex up to 0.5.0 and classified as problematic. This issue affects some unknown processing of the file index.js of the component Backtracking. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The...
PT-2024-10840 · Nescalante · Url-Regex
Name of the Vulnerable Software and Affected Versions: nescalante urlregex versions up to 0.5.0 Description: A vulnerability was found in the nescalante urlregex component, affecting some unknown processing of the file index.js of the Backtracking component. The manipulation leads to inefficient...
ROS-20240815-13
A vulnerability in the configuration implementation of Rails Html Sanitizer, the HTML cleanup tool for Rails applications, is related to content injection if the application developer overrides the allowed tags "math" and "style" or "svg" and "style". Exploitation of the vulnerability could allow a...
BIT-GITLAB-2024-2800 Uncontrolled Resource Consumption in GitLab
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of service via Regex backtracking...
BIT-GITLAB-2024-7610 Uncontrolled Resource Consumption in GitLab
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch...
UBUNTU-CVE-2024-2800
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of service via Regex backtracking...
UBUNTU-CVE-2024-7610
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch...
CVE-2024-7610
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch...
CVE-2024-2800
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of service via Regex backtracking...
CVE-2024-2800
CVE-2024-2800 describes a ReDoS vulnerability in GitLab’s RefMatcher when matching branch names with wildcards, affecting GitLab CE/EE versions 11.3 up to 17.0.6, 17.1 up to 17.1.4, and 17.2 up to 17.2.2. The underlying issue is regex backtracking leading to denial of service. Several connected s...
CVE-2024-2800
Removed by vendor...
CVE-2024-2800 Uncontrolled Resource Consumption in GitLab
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of service via Regex backtracking...
CVE-2024-2800 Uncontrolled Resource Consumption in GitLab
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of service via Regex backtracking...