17 matches found
EUVD-2026-8866
Inefficient Regular Expression Complexity CWE-1333 in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup CAPEC-492...
CVE-2026-26936
Inefficient Regular Expression Complexity CWE-1333 in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup CAPEC-492...
CVE-2026-26936 Inefficient Regular Expression Complexity in Kibana Leading to Denial of Service
Inefficient Regular Expression Complexity CWE-1333 in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup CAPEC-492...
CVE-2026-26936
CVE-2026-26936 affects Kibana’s AI Inference Anonymization Engine. The issue is an Inefficient Regular Expression Complexity (CWE-1333) that can cause Denial of Service via Regular Expression Exponential Blowup (CAPEC-492). According to the CVE entry, the exploitability is network-based with low ...
PT-2026-22165
Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An issue exists in the AI Inference Anonymization Engine within Kibana that can result in a denial of service. This is due to inefficient regular expression complexity, specifically a regular...
CVE-2025-11175 DiscussionTools should use better regex
Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extensio...
CVE-2025-11175 DiscussionTools should use better regex
Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extensio...
CVE-2025-11175
CVE-2025-11175 concerns the MediaWiki DiscussionTools extension (version 1.44 and 1.43 affected) and is caused by improper neutralization of certain expression language elements, enabling a Regular Expression exponential blowup. Public entries from NVD, Debian security tracker, and related OSV en...
CVE-2026-0668
Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki - VisualData Extension: 1.45...
CVE-2026-0668
The vulnerability CVE-2026-0668 affects Wikimedia Foundation MediaWiki – VisualData Extension (v1.45). An inefficient Regular Expression can cause a Regular Expression Denial of Service (ReDoS) via crafted user input, enabling a remote attacker to trigger excessive processing time. Affected envir...
JLSEC-2025-164 A flaw was found in GLib
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...
Oracle Linux 9 : glib2 (ELSA-2023-6631)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6631 advisory. - Resolve s390x crashes introduced by fixes for CVE-2023-24593/CVE-2023-25180 - Resolve use after free introduced by fixes for...
glib: GVariant deserialisation does not match spec for non-normal data
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...
CVE-2023-32665
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...
CVE-2023-32665 Gvariant deserialisation does not match spec for non-normal data
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...
Fedora 38 : mingw-glib2 (2023-9e5a29a25d)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9e5a29a25d advisory. Update to glib2-2.74.7. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
SUSE CVE-2023-32665
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...