Linux Distros Unpatched Vulnerability : CVE-2021-46913
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy breaks when using connlimi...
Linux Distros Unpatched Vulnerability : CVE-2022-25758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation function, due to the usage of insecur...
Linux Distros Unpatched Vulnerability : CVE-2024-22641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. (CVE-2024-22641) Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2024-4067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The NPM package micromatch prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in micromatch.braces in index.js...
Linux Distros Unpatched Vulnerability : CVE-2023-31606
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to...
K000150231: PCRE vulnerabilities CVE-2017-6004, CVE-2019-20838, and CVE-2014-8964
Security Advisory Description: CVE-2017-6004: The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular...
DEBIAN-CVE-2025-1934
It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
CVE-2025-1934
It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8...
UBUNTU-CVE-2025-1934
It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
AZL-57791 CVE-2025-27220 affecting package ruby for versions less than 3.1.4-9
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method...
CVE-2025-27220
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method...
DEBIAN-CVE-2025-27220
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method...
UBUNTU-CVE-2025-27220
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method...
Linux Distros Unpatched Vulnerability : CVE-2021-23437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. (CVE-2021-23437) Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2015-3217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffe...
Linux Distros Unpatched Vulnerability : CVE-2021-23362
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl functi...
Linux Distros Unpatched Vulnerability : CVE-2021-21252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package jquery-validation. jquery-validation before...
Linux Distros Unpatched Vulnerability : CVE-2021-29063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called. (CVE-2021-29063)...
Linux Distros Unpatched Vulnerability : CVE-2015-2327
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a...
Regular Expression Denial of Service (ReDoS)
Overview: cgi is a Support for the Common Gateway Interface protocol. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the Util#escapeElement method. An attacker can cause high CPU consumption by providing malicious input. Details: Denial of Service...