3332 matches found
PT-2025-28150 · Hugging Face · Transformers
Name of the Vulnerable Software and Affected Versions: huggingface/transformers version 4.49.0
Description: A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the huggingface/transformers repository. The vulnerability is due to inefficient regular expression complexity i...
string-math's string-math.js vulnerability can cause Regex Denial of Service (ReDoS)
string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input...
CVE-2025-48059
PowSyBl (Power System Blocks) is a framework to build power system oriented software. In com.powsybl:powsybl-iidm-criteria versions 6.3.0 to before 6.7.2 and com.powsybl:powsybl-contingency-api versions 5.0.0 to before 6.3.0, there is a potential polynomial Regular Expression Denial of Service...
CVE-2025-48058
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause...
CVE-2025-48059 PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion
PowSyBl (Power System Blocks) is a framework to build power system oriented software. In com.powsybl:powsybl-iidm-criteria versions 6.3.0 to before 6.7.2 and com.powsybl:powsybl-contingency-api versions 5.0.0 to before 6.3.0, there is a potential polynomial Regular Expression Denial of Service...
CVE-2025-48059
PowSyBl Core contains a polynomial Regular Expression Denial of Service (ReDoS) in the RegexCriterion class used by powsybl-iidm-criteria (versions 6.3.0–6.7.1 and powsybl-contingency-api 5.0.0–6.3.0). The vulnerability arises from unvalidated user-supplied regex patterns compiled and evaluated a...
CVE-2025-48058 PowSyBl Core contains Polynomial REDoS’es
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause...
PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion
Impact: What kind of vulnerability is it? Who is impacted? This is an advisory for a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the RegexCriterion class. This class compiles and evaluates an unvalidated, user-supplied regular expression against the identifier ...
GHSA-8QJW-9XGM-C9FF PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion
Impact: What kind of vulnerability is it? Who is impacted? This is an advisory for a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the RegexCriterion class. This class compiles and evaluates an unvalidated, user-supplied regular expression against the identifier ...
PowSyBl Core contains Polynomial REDoS’es
Impact: What kind of vulnerability is it? Who is impacted? This is an advisory for a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in PowSyBl's DataSource mechanism. When the listNames(String regex) method is called on a DataSource, the user-supplied regular...
GHSA-RQPX-F6RC-7HM5 PowSyBl Core contains Polynomial REDoS’es
Impact: What kind of vulnerability is it? Who is impacted? This is an advisory for a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in PowSyBl's DataSource mechanism. When the listNames(String regex) method is called on a DataSource, the user-supplied regular...
PT-2025-26255 · Powsybl · Powsybl
Name of the Vulnerable Software and Affected Versions: PowSyBl versions prior to 6.7.2
Description: The issue is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in PowSyBl's DataSource mechanism. This vulnerability can be exploited when the listNames(String rege...
PT-2025-26258 · Unknown · Powsybl-Iidm-Criteria +1
Name of the Vulnerable Software and Affected Versions: com.powsybl:powsybl-iidm-criteria versions 6.3.0 through 6.7.1; com.powsybl:powsybl-contingency-api versions 5.0.0 through 5.0.0
Description: The issue is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the...
TencentOS Server 3: python-mako (TSSA-2023:0137)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0137 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: python-pygments (TSSA-2025:0126)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0126 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: python-jinja2 (TSSA-2022:0187)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0187 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: python-sqlparse (TSSA-2024:0917)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0917 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: python3.11 (TSSA-2024:0800)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0800 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 3: nodejs-nodemon (TSSA-2023:0050)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0050 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...