Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 11:19 a.m.18 views

CVE-2024-8998

A Regular Expression Denial of Service ReDoS vulnerability exists in lunary-ai/lunary version git f07a845. The server uses the regex /.?/ to match user-controlled strings. In the default JavaScript regex engine, this regex can take polynomial time to match certain crafted user inputs. As a result...

7.5CVSS6.7AI score0.00753EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:15 a.m.12 views

CVE-2024-8998

A Regular Expression Denial of Service ReDoS vulnerability exists in lunary-ai/lunary version git f07a845. The server uses the regex /.?/ to match user-controlled strings. In the default JavaScript regex engine, this regex can take polynomial time to match certain crafted user inputs. As a result...

7.5CVSS6.9AI score0.00753EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:11 a.m.10 views

CVE-2024-8998 Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary

A Regular Expression Denial of Service ReDoS vulnerability exists in lunary-ai/lunary version git f07a845. The server uses the regex /.?/ to match user-controlled strings. In the default JavaScript regex engine, this regex can take polynomial time to match certain crafted user inputs. As a result...

7.5CVSS7.3AI score0.00753EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.14 views

CVE-2024-8998 Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary

A Regular Expression Denial of Service ReDoS vulnerability exists in lunary-ai/lunary version git f07a845. The server uses the regex /.?/ to match user-controlled strings. In the default JavaScript regex engine, this regex can take polynomial time to match certain crafted user inputs. As a result...

7.5CVSS0.00753EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:11 a.m.62 views

CVE-2024-8998

CVE-2024-8998 affects lunary-ai/lunary, where the server uses the regex /{.?}/ to match user-controlled strings. In the default JavaScript engine, this can cause a Regular Expression Denial of Service (ReDoS) with crafted inputs, potentially hanging the server. The issue is fixed in version 1.4.2...

7.5CVSS7.3AI score0.00753EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder