77 matches found
Azure Linux 3.0 Security Update: librsvg2 (CVE-2022-24713)
The version of librsvg2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24713 advisory. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in...
MiracleLinux 7 : firefox-91.8.0-1.0.1.el7.AXS7 (AXSA:2022-3144:08)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3144:08 advisory. Mozilla: Use-after-free in NSSToken objects CVE-2022-1097 Mozilla: Out of bounds write due to unexpected WebAuthN Extensions CVE-2022-28281 Mozilla:...
Amazon Linux 2 : amazon-efs-utils, --advisory ALAS2-2025-3076 (ALAS-2025-3076)
The version of amazon-efs-utils installed on the remote host is prior to 2.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3076 advisory. regex is an implementation of regular expressions for the Rust language. The regex crate features built-in...
SUSE-SU-2025:3786-1 Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: - CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
CVE-2022-24713 affecting package rust for versions less than regex-1.8.4
CVE-2022-24713 affecting package rust for versions less than regex-1.8.4. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2022-24713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caus...
Security update for kanidm (moderate)
openSUSE Security Update: Security update for kanidm Announcement ID: openSUSE-SU-2024:0294-1 Rating: moderate References: 1191031 1194119 1196972 1210356 Cross-References: CVE-2021-45710 CVE-2022-24713 CVE-2023-26964 CVSS scores: CVE-2021-45710 SUSE: 3.3...
CVE-2022-24713 affecting package rpm-ostree for versions less than 2024.4-1
CVE-2022-24713 affecting package rpm-ostree for versions less than 2024.4-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-24713 affecting package librsvg2 for versions less than 2.58.1-1
CVE-2022-24713 affecting package librsvg2 for versions less than 2.58.1-1. An upgraded version of the package is available that resolves this issue...
openSUSE: Security Advisory for sccache (SUSE-SU-2023:3526-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : firefox (RLSA-2022:1287)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1287 advisory. - NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free an...
Rocky Linux 8 : thunderbird (RLSA-2022:1301)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1301 advisory. - NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free an...
SUSE SLES15: aws-nitro-enclaves-binaryblobs-upstream / aws-nitro-enclaves-cli / etc (SUSE-SU-2023:1844-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1844-1 advisory. Update aws-nitro-enclaves-cli to version 1.2.2git0.4ccc639: CVE-2022-31394: Fixed DoS vulnerability in hyper crate...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sccache (SUSE-SU-2022:4073-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4073-1 advisory. Updated to version 0.3.0: - CVE-2022-24713: Fixed Regex denial of service bsc1196972. -...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rustup (SUSE-SU-2022:3949-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3949-1 advisory. Updated to version 1.25.10: - CVE-2022-24713: Fixed Regex denial of service bsc1196972. -...
Ubuntu 20.04 LTS / 22.04 LTS : rust-regex vulnerability (USN-5610-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5610-1 advisory. Addison Crump discovered that rust-regex did not properly limit the complexity of the regular expressions regex it parses. An attacker could possibly...
Mozilla Firefox ESR Security Advisory (MFSA2022-14) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Exploit for Uncontrolled Resource Consumption in Rust-Lang Regex
POC of CVE-2022-24713 on Ubuntu Install the current rust-regex...
Amazon Linux 2 : thunderbird (ALAS-2022-1789)
The version of thunderbird installed on the remote host is prior to 91.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1789 advisory. The Mozilla Foundation Security Advisory describes this flaw as: NSSToken objects were referenced via direct points,...