14 matches found
CVE-2026-49477
A flaw was found in soupsieve, a CSS selector library. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted, untrusted CSS selector strings. The flaw occurs due to a regular expression vulnerable to catastrophic backtracking when processing a...
CVE-2026-49476
A flaw was found in soupsieve, a CSS selector library used with Beautiful Soup 4. This vulnerability allows a remote attacker to cause a denial of service DoS by supplying a specially crafted CSS selector string. The parser allocates unbounded memory when compiling large, comma-separated selector...
CVE-2026-49476
Soup Sieve is a CSS selector library designed to be used with Beautiful Soup 4. Prior to 2.8.4, the CSS selector parser in soupsieve allocates unbounded memory when compiling large comma-separated selector lists, allowing an attacker who can supply a crafted selector string to soupsieve.compile o...
OPENSUSE-SU-2026:21342-1 Security update for python-soupsieve
This update for python-soupsieve fixes the following issues - CVE-2026-49476: Memory Exhaustion via Large Comma-Separated Selector Lists bsc1271187. - CVE-2026-49477: Regular Expression Denial of Service ReDoS via Selector Parser bsc1271188...
CVE-2026-49476
creationtimestamp| type| source ---|---|--- 2026-07-09 14:35:15+00:00| published-proof-of-concept| https://github.com/facelessuser/soupsieve/security/advisories/GHSA-2wc2-fm75-p42x...
CVE-2026-49477
creationtimestamp| type| source ---|---|--- 2026-07-09 14:35:12+00:00| published-proof-of-concept| https://github.com/facelessuser/soupsieve/security/advisories/GHSA-836r-79rf-4m37...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the compile function. An attacker can cause excessive memory consumption by supplying a large comma-separated selector list, leading to process termination or degraded system...
Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists
Summary The CSS selector parser in soupsieve the CSS selector engine for Beautiful Soup 4 allocates unbounded memory when compiling large comma-separated selector lists. An attacker who can supply a crafted CSS selector string to soupsieve.compile or Beautiful Soup's .select / .selectone can caus...
PT-2026-56840
Name of the Vulnerable Software and Affected Versions soupsieve affected versions not specified Description The CSS selector parser in soupsieve contains a regular expression vulnerable to catastrophic backtracking, which occurs when the regex engine takes an exponential amount of time to process...
PT-2026-56839
Name of the Vulnerable Software and Affected Versions soupsieve affected versions not specified Description The CSS selector parser in soupsieve allocates unbounded memory when compiling large comma-separated selector lists. An attacker can provide a crafted CSS selector string to soupsieve.compi...
soupsieve: Soupsieve: Denial of Service via crafted CSS selector strings
A flaw was found in soupsieve, a CSS selector library. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted, untrusted CSS selector strings. The flaw occurs due to a regular expression vulnerable to catastrophic backtracking when processing a...
soupsieve: python-soupsieve: Soupsieve: Denial of Service via crafted CSS selector string
A flaw was found in soupsieve, a CSS selector library used with Beautiful Soup 4. This vulnerability allows a remote attacker to cause a denial of service DoS by supplying a specially crafted CSS selector string. The parser allocates unbounded memory when compiling large, comma-separated selector...
OPENSUSE-SU-2026:21063-1 Security update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve
This update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve fixes the following issues: Changes in python-Markdown: - Fix tests with latest python version bsc1268243 Changes in python-joblib: - Update to 1.5.2:...
SUSE-SU-2026:22370-1 Security update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve
This update for python-Markdown, python-joblib, python-handy-archives, python-apache-libcloud, python-WebOb, python-PyGithub, python-soupsieve fixes the following issues: Changes in python-Markdown: - Fix tests with latest python version bsc1268243 Changes in python-joblib: - Update to 1.5.2:...