EUVD-2023-1869

Malicious code in bioql PyPI...

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

SUSE CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

git-url-parse crate vulnerable to Regular Expression Denial of Service

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

cranko (>=0.0.21 <=0.16.0), diener (>=0.1.0 <=0.4.2) +9 more potentially affected by CVE-2023-33290 via git-url-parse (>=0.2.0 <=0.3.1)

git-url-parse CARGO version =0.2.0, =0.0.21, =0.1.0, =0.0.1, =0.0.1, =2.3.0, =0.1.0, =0.3.1, =0.1.1, =0.1.0, =0.2.1 Source cves: CVE-2023-33290 Source advisory: OSV:GHSA-QFH9-8P57-MJJJ...

GHSA-QFH9-8P57-MJJJ git-url-parse crate vulnerable to Regular Expression Denial of Service

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

CVE-2023-33290

CVE-2023-33290 affects the Rust crate for parsing Git URLs, specifically the git-url-parse crate up to version 0.4.4. The vulnerability is a Regular Expression Denial of Service (ReDoS) via a crafted URL to the normalize_url function in lib.rs. This can lead to high impact on availability (Denial...

PT-2023-24272 · Unknown · Giturlparse

Name of the Vulnerable Software and Affected Versions: git-url-parse versions 0.4.4 and earlier Description: The issue allows Regular Expression Denial of Service ReDos via a crafted URL to normalize url in lib.rs. This is similar to an issue found in Python. Recommendations: For versions 0.4.4 a...

git-url-parse 安全漏洞

npm git-url-parse is an npm module from npm that is used to parse the URL addresses of Git repositories. A security vulnerability exists in git-url-parse crate 0.4.4 and earlier, which stems from a Regular Expression Denial of Service ReDos vulnerability...

agogosml-cli (=0.1.2), chip-wallet-dstack (>=1.3.0 <=1.5.0) +23 more potentially affected by CVE-2023-32758 via git-url-parse (>=1.0.2 <=1.2.2)

git-url-parse PYPI version =1.0.2, =1.3.0, =1.11.4, =0.3.1.1, =0.5.0, =0.0.4, =0.1.2, =0.1.0, =0.0.1, =0.25.0, =0.3.10, =0.6.8 and more Source cves: CVE-2023-32758 Source advisory: OSV:GHSA-4XQQ-73WG-5MJP...

GHSA-4XQQ-73WG-5MJP git-url-parse Regular Expression Denial of Service

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

git-url-parse Regular Expression Denial of Service

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

CVE-2023-32758

The connected documents confirm CVE-2023-32758 affects git-url-parse (Python) up to 1.2.2, used by Semgrep versions 1.5.2–1.24.1. The issue is a Regular Expression Denial of Service (ReDoS) when parsing untrusted URLs, with potential impact if a package’s author embeds a crafted URL in a target p...