4 matches found
Rack 安全漏洞
Rack is a modular Ruby web server interface developed by the Rack open-source project. Versions of Rack prior to 2.2.23, 3.1.21, and 3.2.6 contained security vulnerabilities. These vulnerabilities stemmed from the use of greedy regular expressions by the multipart parser to extract boundary...
regexss
regexss Overly-greedy regex r...
PT-2025-39244
Name of the Vulnerable Software and Affected Versions Schema & Structured Data for WP & AMP versions prior to 1.50 Description The software does not properly handle HTML tag attribute modifications, which allows for unauthenticated attackers to conduct Stored Cross-Site Scripting XSS attacks via...
GHSA-J828-28RJ-HFHP vLLM vulnerable to Regular Expression Denial of Service
Summary A recent review identified several regular expressions in the vllm codebase that are susceptible to Regular Expression Denial of Service ReDoS attacks. These patterns, if fed with crafted or malicious input, may cause severe performance degradation due to catastrophic backtracking. 1...