5 matches found
ruby: WEBrick DoS vulnerability (CPU consumption)
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
CVE-2024-58340 LangChain <= 0.3.1 MRKLOutputParser ReDoS
LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service ReDoS vulnerability in the MRKLOutputParser.parse method libs/langchain/langchain/agents/mrkl/outputparser.py. The parser applies a backtracking-prone regular expression when extracting tool actions from...
Denial Of Service (DoS)
libhtml-stripscripts is vulnerable to denial of service DoS. The perl module which removes html scripts is causing this vulnerability by backtracking for HTML content with specially crafted style attributes. This causes regular expression denial of service...
MGASA-2013-0297 Updated ruby-RubyGems package fixes security vulnerabilies
Updated ruby-RubyGems package fixes security vulnerability: RubyGems validates versions with a regular expression that is vulnerable to denial of service due to a backtracking regular expression. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption...
ruby -- DoS vulnerability in WEBrick
The official ruby site reports: WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.splitheadervalue...