14 matches found
EUVD-2024-17241
Malicious code in bioql PyPI...
CVE-2022-39280
dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...
UBUNTU-CVE-2024-1493
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, in which the processing logic for generating links in dependency files can lead to a regular expression DoS attack on the serve...
CVE-2024-1493
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, in which the processing logic for generating links in dependency files can lead to a regular expression DoS attack on the serve...
CVE-2024-1493 Uncontrolled Resource Consumption in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, in which the processing logic for generating links in dependency files can lead to a regular expression DoS attack on the serve...
CVE-2024-1493
Removed by vendor...
GitLab Resource Management Error Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A resource management error vulnerability exists in GitLab CE/EE, which stems...
PT-2024-4736 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 9.2 through 16.11.5; GitLab CE/EE versions 17.0 through 17.0.3; GitLab CE/EE versions 17.1 through 17.1.1. Description: The issue concerns the processing logic for generating links in dependency files, which can lead to a...
FreeBSD : py-dparse -- REDoS vulnerability (83b29e3f-886f-439f-b9a8-72e014479ff9)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the 83b29e3f-886f-439f-b9a8-72e014479ff9 advisory. - dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular...
CVE-2022-39280
dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...
py-dparse -- REDoS vulnerability
yeisonvargasf reports: dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. Users unable to...
CVE-2022-39280
CVE-2022-39280 affects the dparse parser (Python dependency files) prior to version 0.5.2. It exposes a Regular Expression Denial of Service via an exploited regex in parsing index server URLs. A patch is available in 0.5.2; upgrade is advised. If upgrading is not feasible, avoid passing index se...
Dependency Parser Resource Management Error Vulnerability
Dependency Parser is a Python dependency file parser open-sourced by pyup.io. A security vulnerability exists in versions of Dependency Parser prior to 0.5.2, which stems from the fact that its dparse contains a regular expression that is vulnerable to regular expression denial of service attacks...
CVE-2022-39280 Regular expression denial of service in dparse
dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...