187 matches found
Azure Linux 3.0 Security Update: coredns / ig / keda (CVE-2025-29786)
The version of coredns / ig / keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...
github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input
A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory OOM crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree AST, consuming excessive memo...
github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input
A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory OOM crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree AST, consuming excessive memo...
Denial Of Service
github.com/expr-lang/expr is vulnerable to Denial of Service. The vulnerability is due to the absence of input size restrictions, allowing the parser to process arbitrarily large expressions...
SUSE CVE-2025-29786
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
GO-2025-3525 Memory Exhaustion in Expr Parser with Unrestricted Input in github.com/expr-lang/expr
Memory Exhaustion in Expr Parser with Unrestricted Input in github.com/expr-lang/expr...
Memory Exhaustion in Expr Parser with Unrestricted Input
Impact If the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios where input size isn’t limited, a malicious or inadvertent extremely large expression c...
CVE-2025-29786
A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory OOM crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree AST, consuming excessive...
AZL-58861 CVE-2025-29786 affecting package keda for versions less than 2.14.1-5
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
CVE-2025-29786
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
DEBIAN-CVE-2025-29786
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
CVE-2025-29786 Memory Exhaustion in Expr Parser with Unrestricted Input
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
CVE-2025-29786 Memory Exhaustion in Expr Parser with Unrestricted Input
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
CVE-2025-29786 Memory Exhaustion in Expr Parser with Unrestricted Input
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...
Expr 安全漏洞
Expr is an expression language and expression evaluation for Go open-sourced by Expr. A security vulnerability exists in versions of Expr prior to 1.17.0, which stems from an unlimited input size that could lead to memory exhaustion...
PT-2025-11483
Name of the Vulnerable Software and Affected Versions Expr versions prior to 1.17.0 Description The issue arises when the Expr expression parser is given an unbounded input string, causing it to attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of th...
CLSA-2024-1719932549 kernel: Fix of 20 CVEs
net: iptunnel: make sure to pull inner header in iptunnelrcv CVE-2024-26882 - net: Set true network header for ECN decapsulation CVE-2024-26882 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice CVE-2022-45884 - media: dvbdev: fix error logic at dvbregisterdevice...
Fedora: Security Advisory for rust-uu_expr (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-uu_expr (FEDORA-2024-ce2936b568)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: rust-uu_expr-0.0.23-3.fc40
expr uutils display the value of EXPRESSION...