3333 matches found
FreeBSD : py27-setuptools44 -- denial of service vulnerability (187ab98e-2953-4495-b379-4060bd4b75ee)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the 187ab98e-2953-4495-b379-4060bd4b75ee advisory. - Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of...
FreeBSD : py39-configobj -- vulnerable to Regular Expression Denial of Service (de970aef-d60e-466b-8e30-1ae945a047f1)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the de970aef-d60e-466b-8e30-1ae945a047f1 advisory. - All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) vi...
FreeBSD : py39-setuptools -- denial of service vulnerability (1b38aec4-4149-4c7d-851c-3c4de3a1fbd0)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the 1b38aec4-4149-4c7d-851c-3c4de3a1fbd0 advisory. - Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of...
Internet Bug Bounty: CVE-2023-28755: ReDoS vulnerability in URI
A ReDoS vulnerability was discovered in the URI component of the Ruby programming language. The vulnerability allowed attackers to cause an increase in execution time for parsing strings to URI objects, resulting in high resource consumption, reduced performance, and denial of service. The...
EulerOS 2.0 SP8 : python-setuptools (EulerOS-SA-2023-1607)
According to the versions of the python-setuptools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted...
CentOS 8 : nodejs:14 (CESA-2023:1743)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:1743 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression...
Important: Red Hat Security Advisory: rh-nodejs14-nodejs security, bug fix, and enhancement update
An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
CVE-2023-27704
Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS)...
CVE-2023-27704
Void Tools Everything (pre-1.4.1.1022) is affected by CVE-2023-27704 via a Regular Expression Denial of Service (ReDoS). Root cause relates to regex processing; exploitation could impact availability (per CVSS base metrics). Affected versions: prior to 1.4.1.1022; remediation is to update to 1.4....
RHEL 8 : nodejs:14 (RHSA-2023:1743)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1743 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
python-setuptools security update
An update is available for python-setuptools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The python-setuptools package provides a collection of enhancements...
nodejs:18 security, bug fix, and enhancement update
An update is available for nodejs, nodejs-packaging, module.nodejs-packaging, module.nodejs-nodemon, nodejs-nodemon, module.nodejs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Regular Expression Denial Of Service (ReDoS)
angular is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists due to inefficient regular expression complexity in the input type element which allows an attacker to crash the application by submitting maliciously crafted input...
Rocky Linux 9 : python-setuptools (RLSA-2023:0952)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0952 advisory. - Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom...
Rocky Linux 8 : nodejs:16 (RLSA-2023:1582)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1582 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression...
Rocky Linux 8 : nodejs:18 (RLSA-2023:1583)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1583 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression...
MediaWiki < 1.35.10, 1.36.x < 1.38.6, 1.39.x < 1.39.3 Multiple Vulnerabilities - Windows
MediaWiki is prone to multiple vulnerabilities.
Oracle Linux 8 : nodejs:16 (ELSA-2023-1582)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1582 advisory. - Rebase to 16.19.1 Resolves: rhbz2153713 Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 Resolves: CVE-2022-25881...
GHSA-JC97-H3H9-7XH6 Regular Expression Denial of Service in Deno.upgradeWebSocket API
Impact: Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /\s*,\s*/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be...