312 matches found
PT-2022-25268 · Unknown +4 · Knot Resolver +4
Name of the Vulnerable Software and Affected Versions: Knot Resolver versions prior to 5.5.3 Description: The issue allows remote attackers to cause a denial of service due to algorithmic complexity, resulting in CPU consumption. This occurs when an authoritative server returns large NS sets or...
CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
CVE-2022-40188
CVE-2022-40188 affects Knot Resolver prior to version 5.5.3. The issue is a remote denial-of-service via CPU consumption caused by algorithmic complexity when an attack results in large nameserver or address sets being returned by an authoritative server. Public advisories (NVD entry and various ...
CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
The vulnerability of the Python interpreter, related to errors in the conversion of data types `int` and `str`, allows attackers to trigger a service failure due to algorithmic complexity.
The vulnerability of the Python interpreter is related to errors during the conversion of data types int and str. Exploiting this vulnerability can allow an attacker to trigger a service failure due to the computational complexity involved...
[slackware-security] python3
New python3 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/python3-3.9.14-i586-1slack15.0.txz: Upgraded. This is a security and bugfix release. gh-95778: Converting between int and str in bas...
Ubuntu: Security Advisory (USN-4517-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenStack Nova Denial of Service in network source security groups
Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...
GHSA-9J7M-RJQX-48VH RubyGems Regular Expression Denial of Service vulnerability
Algorithmic complexity vulnerability in Gem::Version::VERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CPU...
GHSA-6FXM-66HQ-FC96 Uncontrolled Resource Consumption in Apache Commons Compress
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...
Uncontrolled Resource Consumption in Apache Commons Compress
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...
Inefficient Algorithmic Complexity in Apache Santuario XML Security
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization...
Django Regex Algorithmic Complexity Causes Denial of Service
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
GHSA-P6M5-H7PP-V2X5 Django Regex Algorithmic Complexity Causes Denial of Service
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
Django Regex Algorithmic Complexity Causes Denial of Service
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
CVE-2022-22153
CVE-2022-22153 affects Junos OS flowd on SRX Series and MX Series with SPC3. A high-rate fragmented-traffic condition (fragmented packets > ~5%) can cause latency or packet loss due to insufficient algorithmic complexity and unthrottled resource allocation. Affected versions are prior to 18.2R...
CVE-2021-41168
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown referencename:...
Design/Logic Flaw
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. References written in markdown referencename:...
Reddit: Hash-Collision Denial-of-Service Vulnerability in Markdown Parser
Summary: We have found three bugs in Reddit's markdown parser. Two of these bugs are exploitable to launch an algorithmic complexity denial-of-service DoS attack. In this report we explain the bugs and exploits. We also show, in a non-disruptive way, that it appears to exist in the current versio...
A vulnerability in the microprogramming software subsystem of the Intel Converged Security and Manageability Engine (CSME) allows a perpetrator to gain unauthorized access to protected information.
The vulnerability in the Intel Converged Security and Manageability Engine CSME microprogramming subsystem is related to algorithmic complexity. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...