139 matches found
MGASA-2023-0036 Updated python-mechanize packages fix security vulnerability
Denial of service via crafted regular expression CVE-2021-32837 Fixed mechanize not found during build...
Updated python-mechanize packages fix security vulnerability
Denial of service via crafted regular expression CVE-2021-32837 Fixed mechanize not found during build...
openSUSE 15 Security Update : python-mechanize (openSUSE-SU-2023:0030-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0030-1 advisory. - mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial...
OPENSUSE-SU-2023:0030-1 Security update for python-mechanize
This update for python-mechanize fixes the following issues: Update to version 0.4.8: - CVE-2021-32837: Fixed a denial of service via regular expression boo1207242. - Fixed mechanize not found during build boo1202003...
Security update for python-mechanize (moderate)
openSUSE Security Update: Security update for python-mechanize Announcement ID: openSUSE-SU-2023:0030-1 Rating: moderate References: 1202003 1207242 Cross-References: CVE-2021-32837 Affected Products: openSUSE Backports SLE-15-SP4 An update that solves one vulnerability and has one errata is now...
GHSA-G3PV-PJ5F-3HFQ mechanize Regular Expression Denial of Service vulnerability
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
mechanize Regular Expression Denial of Service vulnerability
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
DEBIAN-CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
PYSEC-2023-25
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
UBUNTU-CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
Code injection
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
PYSEC-2023-25
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
CVE-2021-32837 mechanize vulnerable to ReDoS
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
Mechanize 安全漏洞
Mechanize is an open source ruby library from Sparkle Motion. It is used to automate interactions with websites. A security vulnerability exists in versions of Mechanize prior to 0.4.6 that stems from vulnerability to regular expression denial of service ReDoS attacks...
CVE-2021-32837
CVE-2021-32837 affects python-mechanize; the ReDoS vulnerability is in the regular expression handling and is triggered before the patch. Multiple connected advisories confirm a fix in newer releases (e.g., 0.4.6 and later such as 0.4.8 in openSUSE updates). Affected component: mechanize (Python ...
CVE-2021-32837 mechanize vulnerable to ReDoS
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...
CVE-2021-32837
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service ReDoS prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for t...