Lucene search
K

13 matches found

Vulnrichment
Vulnrichment
added 2026/06/02 10:1 p.m.10 views

CVE-2026-27145 Inefficient candidate hostname parsing in crypto/x509

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

5.9AI score0.00904EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/05 5:23 p.m.3 views

Inefficient Algorithmic Complexity

Overview golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the html.Parse function due to quadratic parsing complexity when processing certain inputs, which can lea...

6.9CVSS8.1AI score0.00502EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/12/01 1:15 p.m.13 views

haproxy: denial of service vulnerability in HAProxy mjson library

A flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its bundled mjson parsing library. This vulnerability is triggered when haproxy is configured to analyze JSON content, such as with the jsonquery or jwtpayloadquery function...

7.5CVSS5.7AI score0.00469EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.20 views

Atlassian Confluence 7.19.x < 7.19.26 (CONFSERVER-98189)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98189 advisory. - moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an...

7.5CVSS6.5AI score0.04923EPSS
Exploits1References2
Veracode
Veracode
added 2024/07/17 5:19 a.m.14 views

Denial Of Service (DoS)

rexml is vulnerable to Denial of Service DoS. The vulnerability is due to inefficient parsing of XML documents containing many specific characters such as , which can result in slow parsing times...

4.3CVSS6.6AI score0.01493EPSS
Exploits0References6Affected Software3
OpenVAS
OpenVAS
added 2024/03/18 12:0 a.m.36 views

Mageia: Security Advisory (MGASA-2024-0067)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.05664EPSS
Exploits1References6
Mageia
Mageia
added 2024/03/16 1:42 a.m.64 views

Updated jupyter-notebook packages fix security vulnerabilities

Path traversal in moment.locale. CVE-2022-24785 Inefficient parsing algorithim resulting in DoS. CVE-2022-31129...

7.5CVSS7.2AI score0.05664EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/06/15 12:0 a.m.30 views

RHEL 9 : Red Hat Ceph Storage 6.1 (RHSA-2023:3623)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3623 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References136
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.82 views

RHEL 7 : Red Hat Gluster Storage web-admin-build (RHSA-2023:1486)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1486 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python...

10CVSS8AI score0.04923EPSS
Exploits2References12
RedHat Linux
RedHat Linux
added 2022/10/19 12:55 p.m.67 views

Moderate: Red Hat Security Advisory: RHOSDT 2.6.0 operator/operand containers Security Update

An update is now available for Red Hat Openshift distributed tracing 2.6.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS6.8AI score0.05664EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.48 views

RHEL 8 : Red Hat OpenShift Service Mesh 2.0.11 (RHSA-2022:6272)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6272 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift...

7.5CVSS6.9AI score0.05664EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/07/06 12:0 a.m.9 views

PT-2022-20550

Name of the Vulnerable Software and Affected Versions moment versions prior to 2.29.4 Description The issue is related to an inefficient parsing algorithm used in the moment JavaScript date library, specifically in the string-to-date parsing and rfc2822 parsing. This results in quadratic complexi...

7.8CVSS7.2AI score0.04923EPSS
Exploits1References210
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.3 views

Moment.js 资源管理错误漏洞

Moment.js is a JavaScript date library. It is used to parse, validate, manipulate and format dates. Moment.js has a security vulnerability that stems from the use of an inefficient parsing algorithm. Users passing user-supplied strings to the moment constructor without sound length checking are...

7.5CVSS6.7AI score0.04923EPSS
Exploits1References40
Rows per page
Query Builder