CVE-2018-1061

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...

CVE-2018-7537

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

DEBIAN-CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...

ALPINE-CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...

CVE-2018-7537

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

[SECURITY] [DLA 1303-1] python-django security update

Package : python-django Version : 1.4.22-1+deb7u4 CVE ID : CVE-2018-7536 CVE-2018-7537 Several functions were extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in several regular expressions. CVE-2018-7536 The django.utils.html.urlize function was extremel...

CVE-2018-7537

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

CVE-2018-7537

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

Regular Expression Denial Of Service (ReDoS)

eslint is vulnerable to regular expression denial of service ReDoS attacks. These attacks are possible because there is catastrophic backtracking in the regex used to interpolate keys from an object in markers...

Code injection

The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service CPU consumption via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service ReDoS."...

CVE-2015-8854

The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service CPU consumption via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service ReDoS."...

CVE-2026-45305: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex

More info at https://symfony.com/cve-2026-45305...