Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.4 views

1byte-react-design (>=1.7.1 <=1.14.0), @aaf-comp/graph-widget (>=1.0.0 <=1.0.3) +250 more potentially affected by unknown CVE via @antv/expr (=1.0.2)

@antv/expr NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/expr and may be impacted: - 1byte-react-design =1.7.1, =1.0.0, =1.1.43, =1.0.1, =0.14.3, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =0.5.6, =5.1.5, =0.1.6, =0.1.0,...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.5 views

1byte-react-design (>=1.7.1 <=1.14.0), @aaf-comp/graph-widget (>=1.0.0 <=1.0.3) +250 more potentially affected by unknown CVE via @antv/expr (=1.0.2)

@antv/expr NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/expr and may be impacted: - 1byte-react-design =1.7.1, =1.0.0, =1.1.43, =1.0.1, =0.14.3, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =0.5.6, =5.1.5, =0.1.6, =0.1.0,...

5.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/12/18 6:53 p.m.2 views

github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation

A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service DoS via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic an...

7.5CVSS5.8AI score0.00377EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

Expr 安全漏洞

Expr is an expression language and expression evaluation for Go open-sourced by Expr. A security vulnerability exists in versions of Expr prior to 1.17.7, which stems from multiple built-in functions that do not enforce maximum recursion depth, potentially resulting in a stack overflow and proces...

7.5CVSS6.7AI score0.00377EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/17 5:23 p.m.14 views

CVE-2025-29786

A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory OOM crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree AST, consuming excessive...

7.5CVSS7.2AI score0.00577EPSS
Exploits0References5
Rows per page
Query Builder