Lucene search
+L

14 matches found

redhatcve
redhatcve
added yesterday4 views

CVE-2026-49477

A flaw was found in soupsieve, a CSS selector library. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted, untrusted CSS selector strings. The flaw occurs due to a regular expression vulnerable to catastrophic backtracking when processing a...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References6
redhatcve
redhatcve
added yesterday6 views

CVE-2026-49476

A flaw was found in soupsieve, a CSS selector library used with Beautiful Soup 4. This vulnerability allows a remote attacker to cause a denial of service DoS by supplying a specially crafted CSS selector string. The parser allocates unbounded memory when compiling large, comma-separated selector...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References6
nvd
nvd
added 2 days ago5 views

CVE-2026-49476

Soup Sieve is a CSS selector library designed to be used with Beautiful Soup 4. Prior to 2.8.4, the CSS selector parser in soupsieve allocates unbounded memory when compiling large comma-separated selector lists, allowing an attacker who can supply a crafted selector string to soupsieve.compile o...

7.5CVSS0.00601EPSS
Exploits0References3
osv
osv
added 2 days ago2 views

OPENSUSE-SU-2026:21342-1 Security update for python-soupsieve

This update for python-soupsieve fixes the following issues - CVE-2026-49476: Memory Exhaustion via Large Comma-Separated Selector Lists bsc1271187. - CVE-2026-49477: Regular Expression Denial of Service ReDoS via Selector Parser bsc1271188...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References4
circl
circl
added last week8 views

CVE-2026-49476

creationtimestamp| type| source ---|---|--- 2026-07-09 14:35:15+00:00| published-proof-of-concept| https://github.com/facelessuser/soupsieve/security/advisories/GHSA-2wc2-fm75-p42x...

7.5CVSS5.9AI score0.00601EPSS
Exploits0References1
circl
circl
added last week7 views

CVE-2026-49477

creationtimestamp| type| source ---|---|--- 2026-07-09 14:35:12+00:00| published-proof-of-concept| https://github.com/facelessuser/soupsieve/security/advisories/GHSA-836r-79rf-4m37...

7.5CVSS5.9AI score0.00601EPSS
Exploits0References1
snyk
snyk
added last week3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the compile function. An attacker can cause excessive memory consumption by supplying a large comma-separated selector list, leading to process termination or degraded system...

8.7CVSS6.1AI score0.00601EPSS
Exploits0References2
github
github
added last week7 views

Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists

Summary The CSS selector parser in soupsieve the CSS selector engine for Beautiful Soup 4 allocates unbounded memory when compiling large comma-separated selector lists. An attacker who can supply a crafted CSS selector string to soupsieve.compile or Beautiful Soup's .select / .selectone can caus...

7.5CVSS6AI score0.00601EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.9 views

PT-2026-56840

Name of the Vulnerable Software and Affected Versions soupsieve affected versions not specified Description The CSS selector parser in soupsieve contains a regular expression vulnerable to catastrophic backtracking, which occurs when the regex engine takes an exponential amount of time to process...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.11 views

PT-2026-56839

Name of the Vulnerable Software and Affected Versions soupsieve affected versions not specified Description The CSS selector parser in soupsieve allocates unbounded memory when compiling large comma-separated selector lists. An attacker can provide a crafted CSS selector string to soupsieve.compi...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References7
redhat
redhat
added 2026/07/01 9:0 a.m.2 views

soupsieve: Soupsieve: Denial of Service via crafted CSS selector strings

A flaw was found in soupsieve, a CSS selector library. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted, untrusted CSS selector strings. The flaw occurs due to a regular expression vulnerable to catastrophic backtracking when processing a...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References7
redhat
redhat
added 2026/07/01 9:0 a.m.2 views

soupsieve: python-soupsieve: Soupsieve: Denial of Service via crafted CSS selector string

A flaw was found in soupsieve, a CSS selector library used with Beautiful Soup 4. This vulnerability allows a remote attacker to cause a denial of service DoS by supplying a specially crafted CSS selector string. The parser allocates unbounded memory when compiling large, comma-separated selector...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References7
osv
osv
added 2026/06/26 7:41 a.m.2 views

OPENSUSE-SU-2026:21063-1 Security update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve

This update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve fixes the following issues: Changes in python-Markdown: - Fix tests with latest python version bsc1268243 Changes in python-joblib: - Update to 1.5.2:...

6.1CVSS5.8AI score0.00161EPSS
Exploits0References8
osv
osv
added 2026/06/26 7:40 a.m.2 views

SUSE-SU-2026:22370-1 Security update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve

This update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve fixes the following issues: Changes in python-Markdown: - Fix tests with latest python version bsc1268243 Changes in python-joblib: - Update to 1.5.2:...

6.1CVSS5.8AI score0.00161EPSS
Exploits0References9
Rows per page
Query Builder