Lucene search
K

139 matches found

OSV
OSV
added 2023/02/07 12:6 a.m.5 views

MGASA-2023-0036 Updated python-mechanize packages fix security vulnerability

Denial of service via crafted regular expression CVE-2021-32837 Fixed mechanize not found during build...

7.5CVSS7.4AI score0.28661EPSS
Exploits1References3
Mageia
Mageia
added 2023/02/07 12:6 a.m.33 views

Updated python-mechanize packages fix security vulnerability

Denial of service via crafted regular expression CVE-2021-32837 Fixed mechanize not found during build...

7.5CVSS3.4AI score0.28661EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.19 views

openSUSE 15 Security Update : python-mechanize (openSUSE-SU-2023:0030-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0030-1 advisory. - mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial...

7.5CVSS7.3AI score0.28661EPSS
Exploits1References5
OSV
OSV
added 2023/01/23 3:1 p.m.5 views

OPENSUSE-SU-2023:0030-1 Security update for python-mechanize

This update for python-mechanize fixes the following issues: Update to version 0.4.8: - CVE-2021-32837: Fixed a denial of service via regular expression boo1207242. - Fixed mechanize not found during build boo1202003...

7.5CVSS7.4AI score0.28661EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2023/01/23 12:0 a.m.4 views

Security update for python-mechanize (moderate)

openSUSE Security Update: Security update for python-mechanize Announcement ID: openSUSE-SU-2023:0030-1 Rating: moderate References: 1202003 1207242 Cross-References: CVE-2021-32837 Affected Products: openSUSE Backports SLE-15-SP4 An update that solves one vulnerability and has one errata is now...

7.5CVSS7.7AI score0.28661EPSS
Exploits1References2
OSV
OSV
added 2023/01/18 12:30 a.m.1 views

GHSA-G3PV-PJ5F-3HFQ mechanize Regular Expression Denial of Service vulnerability

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

8.7CVSS7.1AI score0.28661EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2023/01/18 12:30 a.m.25 views

mechanize Regular Expression Denial of Service vulnerability

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS2.9AI score0.28661EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2023/01/17 10:15 p.m.10 views

CVE-2021-32837

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS7.4AI score0.28661EPSS
Exploits1References6
OSV
OSV
added 2023/01/17 10:15 p.m.21 views

CVE-2021-32837

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS7.3AI score
Exploits0References6
OSV
OSV
added 2023/01/17 10:15 p.m.2 views

DEBIAN-CVE-2021-32837

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS7.3AI score0.28661EPSS
Exploits1References1
PyPA
PyPA
added 2023/01/17 10:15 p.m.6 views

PYSEC-2023-25

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS6.8AI score0.28661EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2023/01/17 10:15 p.m.6 views

UBUNTU-CVE-2021-32837

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS5.8AI score0.28661EPSS
Exploits1References5
Prion
Prion
added 2023/01/17 10:15 p.m.11 views

Code injection

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

5CVSS7.3AI score0.28661EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/01/17 10:15 p.m.17 views

CVE-2021-32837

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS7.1AI score0.28661EPSS
Exploits1References4
OSV
OSV
added 2023/01/17 10:15 p.m.3 views

PYSEC-2023-25

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS5.9AI score0.28661EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2023/01/17 12:0 a.m.6 views

CVE-2021-32837 mechanize vulnerable to ReDoS

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS7.6AI score0.28661EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/01/17 12:0 a.m.10 views

Mechanize 安全漏洞

Mechanize is an open source ruby library from Sparkle Motion. It is used to automate interactions with websites. A security vulnerability exists in versions of Mechanize prior to 0.4.6 that stems from vulnerability to regular expression denial of service ReDoS attacks...

7.5CVSS7.1AI score0.28661EPSS
Exploits1References6
CVE
CVE
added 2023/01/17 12:0 a.m.92 views

CVE-2021-32837

CVE-2021-32837 affects python-mechanize; the ReDoS vulnerability is in the regular expression handling and is triggered before the patch. Multiple connected advisories confirm a fix in newer releases (e.g., 0.4.6 and later such as 0.4.8 in openSUSE updates). Affected component: mechanize (Python ...

7.5CVSS7.2AI score0.28661EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2023/01/17 12:0 a.m.24 views

CVE-2021-32837 mechanize vulnerable to ReDoS

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS7.5AI score0.28661EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/01/17 12:0 a.m.19 views

CVE-2021-32837

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...

7.5CVSS7.4AI score0.28661EPSS
Exploits1
Rows per page
Query Builder