99 matches found
CVE-2024-50623
In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution...
CVE-2024-50623
In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. Recent assessments: sfewer-r7 at July 11, 2025 9:37am UTC reported: CVE-2024-50623 allows a remote unauthenticated...
PT-2024-10294
Name of the Vulnerable Software and Affected Versions Cleo Harmony versions prior to 5.8.0.21 Cleo VLTrader versions prior to 5.8.0.21 Cleo LexiCom versions prior to 5.8.0.21 Description A critical vulnerability in Cleo's file transfer software is being actively exploited, allowing unauthenticate...
Cleo多款产品 安全漏洞
Cleo LexiCom and others are products of Cleo, Inc.Cleo LexiCom is an integration platform.Cleo Harmony is a file integration solution.Cleo VLTrader is a secure hosted file transfer software. A security vulnerability exists in various Cleo products that stems from the inclusion of a JavaScript...
CVE-2024-50623
In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution...
CVE-2024-50623
CVE-2024-50623 affects Cleo Harmony, Cleo VLTrader, and Cleo LexiCom prior to 5.8.0.21. It is an unrestricted file upload/download flaw that could lead to remote code execution. PoCs exist (e.g., GitHub exploits), and the recommended remediation is to upgrade to 5.8.0.21 or newer. Some connected ...
a-poem (=0.12.3), active-wrapper (>=0.1.0 <=0.1.4) +167 more potentially affected by CVE-2022-42966 via cleo (>=0.6.8 <=1.0.0a5)
cleo PYPI version =0.6.8, =0.1.0, =0.1.3, =0.1.0, =0.1.1, =0.1.0, =0.1.0a0, =0.1.1.1, =0.1.0, =0.2.7, =0.0.465, =0.0.503 and more Source cves: CVE-2022-42966 Source advisory: OSV:GHSA-2P9H-CCW7-33GF...
GHSA-2P9H-CCW7-33GF cleo is vulnerable to Regular Expression Denial of Service (ReDoS)
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
cleo is vulnerable to Regular Expression Denial of Service (ReDoS)
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
Regular Expression Denial Of Service (ReDoS)
cleo is vulnerable to regular expression denial of serviceReDoS attacks. A remote attacker is able to cause denial of service conditions via suppling a maliciously crafted input through the Table.setrows method in command.py...
PYSEC-2022-43178
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
a-poem (=0.12.3), active-wrapper (>=0.1.0 <=0.1.4) +167 more potentially affected by CVE-2022-42966 via cleo (>=0.6.8 <=1.0.0a5)
cleo PYPI version =0.6.8, =0.1.0, =0.1.3, =0.1.0, =0.1.1, =0.1.0, =0.1.0a0, =0.1.1.1, =0.1.0, =0.2.7, =0.0.465, =0.0.503 and more Source cves: CVE-2022-42966 Source advisory: OSV:PYSEC-2022-43178...
CVE-2022-42966
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
PYSEC-2022-43178
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
Design/Logic Flaw
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
CVE-2022-42966
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
UBUNTU-CVE-2022-42966
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
Cleo 安全漏洞
Cleo is used to create beautiful and testable command line interfaces. A security vulnerability exists in Cleo. An attacker could exploit this vulnerability to cause a denial of service...
CVE-2022-42966 Exponential ReDoS in cleo leads to denial of service
An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.setrows method...
PT-2022-26685 · Pypi · Cleo
Name of the Vulnerable Software and Affected Versions: cleo affected versions not specified Description: An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package when an attacker is able to supply arbitrary input to the Table.set rows method...