CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2023/10/18 12:0 a.m.•10 views

Fedora 38 : python-configobj (2023-27b41bb133)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-27b41bb133 advisory. Fixes an issue in configobj: CVE-2023-26112 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Tenable Nessus•added 2023/10/18 12:0 a.m.•19 views

Exploits1References2

Fedora 37 : python-configobj (2023-62baa45349)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-62baa45349 advisory. Fixes an issue in configobj: CVE-2023-26112 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Tenable Nessus•added 2023/08/23 12:0 a.m.•13 views

Exploits1References2

SUSE SLES12 Security Update : python-configobj (SUSE-SU-2023:3368-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3368-1 advisory. - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?....

OSV•added 2023/08/22 9:13 a.m.•4 views

SUSE-SU-2023:3369-1 Security update for python-configobj

This update for python-configobj fixes the following issues: - CVE-2023-26112: Fixed regular expression denial of service vulnerability in validate.py bsc1210070...

5.9CVSS5.7AI score0.0009EPSS

OSV•added 2023/08/22 9:10 a.m.•5 views

SUSE-SU-2023:3368-1 Security update for python-configobj

This update for python-configobj fixes the following issues: - CVE-2023-26112: Fixed regular expression denial of service vulnerability in validate.py bsc1210070...

5.9CVSS5.7AI score0.0009EPSS

OpenVAS•added 2023/08/22 12:0 a.m.•8 views

SUSE: Security Advisory (SUSE-SU-2023:3368-1)

5.9CVSS5.9AI score0.0009EPSS

Tenable Nessus•added 2023/08/14 12:0 a.m.•27 views

Amazon Linux 2 : python-configobj (ALAS-2023-2188)

The version of python-configobj installed on the remote host is prior to 4.7.2-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2188 advisory. All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

Amazon•added 2023/08/07 12:0 a.m.•23 views

Low: python-configobj

Issue Overview: All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?\.\. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file. CVE-2023-26112...

5.9CVSS6AI score0.0009EPSS

Tenable Nessus•added 2023/07/20 12:0 a.m.•18 views

Amazon Linux 2023 : python3-configobj (ALAS2023-2023-254)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-254 advisory. All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?.. Note: This is only exploitable in the case of a developer,...

5.9CVSS5.4AI score0.0009EPSS

Amazon•added 2023/07/19 12:0 a.m.•3 views

Low: python-configobj

5.9CVSS5.9AI score0.0009EPSS

IBM Security Bulletins•added 2023/06/30 6:35 p.m.•20 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable ConfigObj denial of service ( CVE-2023-26112)

Summary Potential ConfigObj denial of service vulnerability CVE-2023-26112 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-26112 DESCRIPTION: ConfigObj is vulnerable to a denial ...

5.9CVSS5AI score0.0009EPSS

Exploits1Affected Software1

Tenable Nessus•added 2023/04/14 12:0 a.m.•17 views

FreeBSD : py39-configobj -- vulnerable to Regular Expression Denial of Service (de970aef-d60e-466b-8e30-1ae945a047f1)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the de970aef-d60e-466b-8e30-1ae945a047f1 advisory. - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS vi...

SUSE CVE•added 2023/04/05 1:49 a.m.•1 views

SUSE CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

3.7CVSS6.9AI score0.0009EPSS

Exploits1References9

RedhatCVE•added 2023/04/03 1:14 p.m.•29 views

CVE-2023-26112

A flaw was found in python-configobj via the Validator function at python-configobj/validate.py. This issue only occurs in the case of a developer putting the offending value in a server side configuration file, which could lead to a Regular Expression Denial of Service ReDoS...

vulnersOsv•added 2023/04/03 6:30 a.m.•1 views

aws-syndicate (>=0.9.2 <=1.9.4), bcipy (>=1.1.1 <=1.4.2) +40 more potentially affected by CVE-2023-26112 via configobj (>=5.0.0 <=5.0.8)

configobj PYPI version =5.0.0, =0.9.2, =1.1.1, =0.4.1, =1.0.0, =1.0.0, =1.7.0, =0.0.2, =0.1.5, =0.1.2, =0.0.26, =0.1.0, =2.1.0, =0.1.5, =0.1.14, =2018.4.2.1 and more Source cves: CVE-2023-26112 Source advisory: OSV:GHSA-C33W-24P9-8M24...

5.9CVSS6.1AI score0.0009EPSS