Lucene search
K

106 matches found

CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Pymetasploit3 安全漏洞

Pymetasploit3 is an automated library developed by Dan McInerney. Versions of pymetasploit3 prior to 1.0.6 contain security vulnerabilities. These vulnerabilities stem from the console.runmodulewithoutput function, which allows for the injection of line breaks into module options, potentially...

9.3CVSS5.8AI score0.01923EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.10 views

H3 注入漏洞

H3 is an open-source HTTP framework developed by H3. Versions prior to H3 1.15.6, as well as versions 2.0.0 to 2.0.1-rc.14, have a vulnerability related to injection attacks. This vulnerability stems from the lack of line break cleaning in the createEventStream function, which may allow the serve...

10CVSS5.8AI score0.00573EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/27 5:58 p.m.6 views

CVE-2026-24001

A flaw was found in jsdiff. A specially crafted patch input containing specific line break characters can cause the parsePatch method to enter an infinite loop, leading to uncontrolled memory consumption and a process crash, resulting in a denial of service. The applyPatch method is similarly...

7.5CVSS5.8AI score0.00562EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.5 views

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability that stems from the email module’s improper handling of line breaks during email serialization, which may lead to header injection attacks...

6CVSS6.8AI score0.00782EPSS
Exploits0References6
OSV
OSV
added 2026/01/22 3:15 a.m.3 views

DEBIAN-CVE-2026-24001

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

7.5CVSS4.6AI score0.00562EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 3:15 a.m.15 views

CVE-2026-24001

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

7.5CVSS0.00562EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/01/22 2:23 a.m.5 views

CVE-2026-24001

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

6.9CVSS5.8AI score0.00562EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/01/22 2:23 a.m.27 views

CVE-2026-24001 jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

6.9CVSS0.00562EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/22 2:23 a.m.2 views

CVE-2026-24001 jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

6.9CVSS5.8AI score0.00562EPSS
Exploits0References4
CVE
CVE
added 2026/01/22 2:23 a.m.127 views

CVE-2026-24001

CVE-2026-24001 concerns jsdiff, a JavaScript diff library. The description documents a denial-of-service vulnerability: if patch filenames contain line break characters (\r, \u2028, or \u2029), parsePatch can loop infinitely and exhaust memory, crashing the process. The issue affects versions pri...

7.5CVSS5.8AI score0.00562EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/01/22 2:23 a.m.5 views

CVE-2026-24001

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

7.5CVSS4.6AI score0.00562EPSS
Exploits0
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.5 views

jsdiff security vulnerabilities

jsdiff is a text comparison library developed by Kevin Decker. Versions of jsdiff prior to 8.0.3, 5.2.2, 4.0.4, and 3.5.1 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of patch files containing specific line breaks, which could lead to infinite loops and...

7.5CVSS5.8AI score0.00562EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

Incus injection vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.20.0 have a vulnerability that allows for injection attacks. This vulnerability stems from the ability to add arbitrary lifecycle hooks in container configurations through line breaks, potential...

8.7CVSS6.1AI score0.00471EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.6 views

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, where user-controlled headers containing line breaks can lead to HTTP header injection attacks...

5.9CVSS7.1AI score0.00463EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.6 views

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from the possibility of injecting additional commands through line breaks when user-controlled commands are passed...

5.9CVSS7.1AI score0.0036EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from the possibility of injecting additional commands through line breaks when user-controlled commands are passed...

5.9CVSS7.1AI score0.00315EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from allowing header injection via line breaks when parsing data URLs that are controlled by users...

6CVSS5.8AI score0.0048EPSS
Exploits0References4
Veracode
Veracode
added 2025/10/24 7:5 p.m.10 views

Log Injection

Jenkins is vulnerable to Log Injection. The vulnerability is due to insufficient restriction or sanitization of user-supplied content in log messages, which allows an attacker to inject line break characters and forge log entries, misleading administrators during log reviews...

5.3CVSS7.3AI score0.00335EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-0969

Malware in sbrugna...

5CVSS6.4AI score0.01041EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29721

Malicious code in bioql PyPI...

5.3CVSS7.4AI score0.00335EPSS
Exploits0References3
Rows per page
Query Builder