9309 matches found
CVE-2025-41253
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...
CVE-2025-41253 Spring Cloud Gateway Webflux SpEL Injection Vulnerability Allowing Exposure of Environment Variables
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...
CVE-2025-41253 Spring Cloud Gateway Webflux SpEL Injection Vulnerability Allowing Exposure of Environment Variables
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...
Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
EUVD-2025-34739
Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability...
GHSA-9M49-P2J3-C6XM Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
CVE-2025-61581 Apache Traffic Control: ReDoS issue in Traffic Router configuration
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
Icinga 2 安全漏洞
Icinga 2 is a monitoring system from Icinga open source. A security vulnerability exists in Icinga 2 2.15.0 and earlier versions, which stems from a filter expression that can access unauthorized variables or objects, potentially leading to information disclosure...
Spring Cloud Gateway Server Webflux 安全漏洞
Spring Cloud Gateway Server Webflux is a Spring open source gateway server. A security vulnerability exists in Spring Cloud Gateway Server Webflux that stems from the Spring Expression Language that may expose environment variables and system properties, potentially leading to information...
Regular Expression Denial Of Service (ReDoS)
Cattown is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability is due to the use of inefficient regular expressions with potentially exponential backtracking complexity, which allows an attacker to craft malicious markdown inputs that cause excessive CPU usage and lead to...
Expression Language Injection
Overview Affected versions of this package are vulnerable to Expression Language Injection in route definitions. An attacker with permission to define routes can expose the server's file structure or other sensitive environment variables by crafting a SpEL expression to access sensitive system...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the parsing of the If-Match and If-None-Match headers when the ETag method is used in response construction. An attacker can cause excessive resource consumption by sending specially crafted...
Common Expression Language 输入验证错误漏洞
Common Expression Language is a common expression language interpreter written in Rust by cel-rust open source. An input validation error vulnerability exists in Common Expression Language version 0.10.0 through versions prior to 0.11.4, which stems from the fact that parsing a specific incorrect...
PT-2025-41615
Name of the Vulnerable Software and Affected Versions cel-rust versions 0.10.0 through 0.11.3 Description cel-rust is a Common Expression Language interpreter written in Rust. Parsing specific, malformed Common Expression Language CEL expressions can cause the parser to terminate unexpectedly. If...
rexml: REXML: Denial of Service via inefficient regex parsing
A flaw was found in REXML. A remote attacker could exploit inefficient regular expression regex parsing when processing hex numeric character references &x...; in XML documents. This could lead to a Regular Expression Denial of Service ReDoS, impacting the availability of the affected component...
EUVD-2018-20752
Malware in sbrugna...
EUVD-2020-28321
Malware in sbrugna...
EUVD-2021-26289
Malware in sbrugna...
EUVD-2015-8273
Malware in sbrugna...
EUVD-2020-28280
Malware in sbrugna...