6 matches found
CVE-2023-33290
The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...
cranko (>=0.0.21 <=0.16.0), diener (>=0.1.0 <=0.4.2) +9 more potentially affected by CVE-2023-33290 via git-url-parse (>=0.2.0 <=0.3.1)
git-url-parse CARGO version =0.2.0, =0.0.21, =0.1.0, =0.0.1, =0.0.1, =2.3.0, =0.1.0, =0.3.1, =0.1.1, =0.1.0, =0.2.1 Source cves: CVE-2023-33290 Source advisory: OSV:GHSA-QFH9-8P57-MJJJ...
CVE-2023-33290
The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...
CVE-2023-33290
The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...
CVE-2023-33290
CVE-2023-33290 affects the Rust crate for parsing Git URLs, specifically the git-url-parse crate up to version 0.4.4. The vulnerability is a Regular Expression Denial of Service (ReDoS) via a crafted URL to the normalize_url function in lib.rs. This can lead to high impact on availability (Denial...
CVE-2023-33290
The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...