DEBIAN-CVE-2023-24038
The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes...
CVE-2023-24038
The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes...
Hardcoded credentials
The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes...
CVE-2023-24038
CVE-2023-24038 affects the Perl module HTML-StripScripts (through version 1.06). The vulnerability is a ReDoS due to catastrophic backtracking when parsing HTML containing certain style attributes, potentially impacting availability. Affected component is html-strip-scripts logic in Perl; multipl...
Fedora 36 : yarnpkg (2023-18fd476362)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-18fd476362 advisory. Add patches for CVE-2021-43138, CVE-2022-3517, CVE-2020-7677. Tenable has extracted the preceding description block directly from the Fedora security...
Regular Expression Denial Of Service (ReDoS)
rack is vulnerable to Regular Expression Denial of Service (ReDoS) attacks. The vulnerability exists in the Range header parsing component of the library, which allows an attacker to significantly slow down the processing via passing a carefully crafted input...
Regular Expression Denial Of Service (ReDoS)
activesupport is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to the insecure Regex pattern used in the underscore function of methods.rb, allowing an attacker to crash the application by providing a maliciously crafted string...
Regular Expression Denial Of Service (ReDoS)
globalid is vulnerable to Regular Expression Denial of Service (ReDoS) attacks. The vulnerability exists in the model name parsing section of the library, which allows an attacker to significantly slow down the processing time via passing a carefully crafted input...
GHSA-93PM-5P5F-3GHX Denial of Service Vulnerability in Rack Content-Disposition parsing
There is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-44571. Versions Affected: = 2.0.0. Not affected: None. Fixed Versions: 2.0.9.2, 2.1.4.2, 2.2.6.1, 3.0.0.1. Impact: Carefully crafted input...
GHSA-P84V-45XJ-WWQJ ReDoS based DoS vulnerability in Action Dispatch
There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: = 3.0.0. Not affected: 3.0.0. Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1. Impact: Specially crafted cookies, in...
ReDoS based DoS vulnerability in Active Support's underscore
There is a possible regular expression based DoS vulnerability in Active Support. This vulnerability has been assigned the CVE identifier CVE-2023-22796. Versions Affected: All. Not affected: None. Fixed Versions: 5.2.8.15 (Rails LTS, which is a paid service and not part of the rubygem), 6.1.7.1,...
GHSA-J6GC-792M-QGM2 ReDoS based DoS vulnerability in Active Support's underscore
There is a possible regular expression based DoS vulnerability in Active Support. This vulnerability has been assigned the CVE identifier CVE-2023-22796. Versions Affected: All. Not affected: None. Fixed Versions: 5.2.8.15 (Rails LTS, which is a paid service and not part of the rubygem), 6.1.7.1,...
ReDoS based DoS vulnerability in Action Dispatch
There is a possible regular expression based DoS vulnerability in Action Dispatch related to the If-None-Match header. This vulnerability has been assigned the CVE identifier CVE-2023-22795. Versions Affected: All. Not affected: None. Fixed Versions: 5.2.8.15 (Rails LTS), 6.1.7.1, 7.0.4.1. Impact: A...
GHSA-23C2-GWP5-PXW9 ReDoS based DoS vulnerability in GlobalID
There is a ReDoS based DoS vulnerability in the GlobalID gem. This vulnerability has been assigned the CVE identifier CVE-2023-22799. Versions Affected: = 0.2.1. Not affected: NOTAFFECTED. Fixed Versions: 1.0.1. Impact: There is a possible DoS vulnerability in the model name parsing section of the...
GHSA-H452-7996-H45H cookiejar Regular Expression Denial of Service via Cookie.parse function
Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function and other aspects of the API, which use an insecure regular expression for parsing cookie values. Applications could be stalled for extended periods of time if...
CVE-2022-25901
Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression...