7 matches found
Giskard Has A Regular Expression Denial Of Service (ReDoS) In RegexMatching Check
Summary The RegexMatching check in the "giskard-checks" package passes a user-supplied regular expression pattern directly to Python's re.search without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs...
Improper Neutralization of Special Elements Used in a Template Engine
Overview giskard-checks is an Add your description here Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the rule parameter in the ConformityCheck class. An attacker can execute arbitrary code by supplying malicious...
Giskard has Unsandboxed Jinja2 Template Rendering in ConformityCheck
Summary The ConformityCheck class in giskard-checks rendered the rule parameter through Jinja2's default Template constructor. Because the rule string is silently interpreted as a Jinja2 template, a developer may not realize that template expressions embedded in rule definitions are evaluated at...
Regular Expression Denial of Service (ReDoS)
Overview giskard-checks is an Add your description here Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the re.search file. An attacker can cause the process to hang and impact system availability by supplying a crafted regular expression pattern ...
Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check
Summary The RegexMatching check in the giskard-checks package passes a user-supplied regular expression pattern directly to Python's re.search without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs tha...
GHSA-RQ2Q-4R55-9877 Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check
Summary The RegexMatching check in the giskard-checks package passes a user-supplied regular expression pattern directly to Python's re.search without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs tha...
PT-2026-32984
Name of the Vulnerable Software and Affected Versions giskard-checks versions prior to 1.0.2b1 Description The ConformityCheck class rendered the rule parameter through Jinja2's default Template constructor, which silently interpreted template expressions at runtime. If check definitions are load...