Ubuntu 18.04 ESM : Django vulnerability (USN-6203-2)
The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6203-2 advisory. USN-6203-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 ESM. Tenable has extracted the preceding description...
OESA-2023-1440 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a...
SUSE CVE-2022-40896
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...
Amazon Linux 2023 : python3-configobj (ALAS2023-2023-254)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-254 advisory. All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer,...
Amazon Linux 2 : python3-pygments (ALAS-2023-2117)
The version of python3-pygments installed on the remote host is prior to 2.2.0-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2117 advisory. In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some...
Pygments vulnerable to ReDoS
A ReDoS issue was discovered in pygments/lexers/smithy.py in Pygments until 2.15.0 via SmithyLexer...
GHSA-MRWQ-X4V8-FH7P Pygments vulnerable to ReDoS
A ReDoS issue was discovered in pygments/lexers/smithy.py in Pygments until 2.15.0 via SmithyLexer...
CVE-2022-40896
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...
AZL-35139 CVE-2022-40896 affecting package python-pygments for versions less than 2.4.2-1
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...
Authentication flaw
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...
PYSEC-2023-117
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...
Low: python-configobj
Issue Overview: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?\.\. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file. CVE-2023-26112...
Medium: python-setuptools
Issue Overview: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. CVE-2022-40897 Affected Packages:...
Medium: python3-pygments
Issue Overview: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a...