Ubuntu: Security Advisory (USN-7040-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7040-2 configobj vulnerability

USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a...

USN-7040-2: ConfigObj vulnerability

USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a...

Ubuntu 14.04 LTS : ConfigObj vulnerability (USN-7040-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7040-2 advisory. USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. Tenable has extracted the preceding description...

Ubuntu: Security Advisory (USN-7040-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7040-1: ConfigObj vulnerability

It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service...

USN-7040-1 configobj vulnerability

It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : ConfigObj vulnerability (USN-7040-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7040-1 advisory. It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly u...

The vulnerability of the configobj program for reading and writing INI files lies in the use of a regular expression c, which has an inefficient computational cost. This allows attackers to trigger a service failure.

The vulnerability of the configobj program for reading and writing INI files is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

ROS-20240911-08

The vulnerability of the configobj ini file reader and writer is related to the placement of a malicious value into a server-side configuration file by a developer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

FreeBSD : Configobj -- Regular Expression Denial of Service attack (46419e8c-65d9-11ef-ac06-b0416f0c4c67)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 46419e8c-65d9-11ef-ac06-b0416f0c4c67 advisory. [email protected] reports: All versions of the package configobj are vulnerable to Regular Expression Deni...

OPENSUSE-SU-2024:13199-1 python310-configobj-5.0.8-3.1 on GA media

These are all security issues fixed in the python310-configobj-5.0.8-3.1 package on the GA media of openSUSE Tumbleweed...

RHEL 9 : python-configobj (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-configobj: Regular expression denial of service exists in ./src/configobj/validate.py CVE-2023-26112 Note th...

RHEL 8 : python-configobj (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-configobj: Regular expression denial of service exists in ./src/configobj/validate.py CVE-2023-26112 Note th...

Huawei EulerOS: Security Advisory for python-configobj (EulerOS-SA-2024-1699)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : python-configobj (EulerOS-SA-2024-1699)

According to the versions of the python-configobj packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

EulerOS Virtualization 3.0.6.6 : python-configobj (EulerOS-SA-2024-1664)

According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

Huawei EulerOS: Security Advisory for python-configobj (EulerOS-SA-2024-1664)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : python-configobj (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-configobj: Regular expression denial of service exists in ./src/configobj/validate.py CVE-2023-26112 Note th...

RHEL 6 : python-configobj (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-configobj: Regular expression denial of service exists in ./src/configobj/validate.py CVE-2023-26112 Note th...