5 matches found
SUSE CVE-2023-30601
Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...
GHSA-5V2H-R2CX-5XGJ Inefficient Regular Expression Complexity in marked
Impact What kind of vulnerability is it? Denial of service. The regular expression inline.reflinkSearch may cause catastrophic backtracking against some strings. PoC is the following. javascript import as marked from 'marked'; console.logmarked.parsex: x \\; Who is impacted? Anyone who runs...
GHSA-RRRM-QJM4-V8HF Inefficient Regular Expression Complexity in marked
Impact What kind of vulnerability is it? Denial of service. The regular expression block.def may cause catastrophic backtracking against some strings. PoC is the following. javascript import as marked from "marked"; marked.parsex:$' '.repeat1500x $' '.repeat1500 x; Who is impacted? Anyone who run...
UBUNTU-CVE-2022-21680
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression block.def may cause catastrophic backtracking against some strings and lead to a regular expression denial of service ReDoS. Anyone who runs untrusted markdown through a vulnerable version of marked and does...
[ASA-201811-17] libtiff: multiple issues
Arch Linux Security Advisory ASA-201811-17 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2018-18557 CVE-2018-18661 Package : libtiff Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-790 Summary...