6 matches found
EUVD-2024-2385
Malicious code in bioql PyPI...
CVE-2024-41818
A regular expression denial of service ReDoS flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition...
GHSA-MPG4-RC92-VX8V fast-xml-parser vulnerable to ReDOS at currency parsing
Summary A ReDOS that exists on currency.js was discovered by Gauss Security Labs R&D team. Details https://github.com/NaturalIntelligence/fast-xml-parser/blob/v4.4.0/src/v5/valueParsers/currency.jsL10 contains a vulnerable regex PoC pass the following string '\t'.repeat13337 + '.' Impact Denial o...
CVE-2024-41818
fast-xml-parser is an open source, pure javascript xml parser. a ReDOS exists on currency.js. This vulnerability is fixed in 4.4.1...
CVE-2024-41818
Technical details about CVE-2024-41818 are not provided in the connected documents. The initial entry notes a ReDoS in currency.js fixed in 4.4.1. Monitor for updates.
CVE-2024-41818 ReDOS at currency parsing fast-xml-parser
fast-xml-parser is an open source, pure javascript xml parser. a ReDOS exists on currency.js. This vulnerability is fixed in 4.4.1...