10 matches found
Regular Expression Denial Of Service (ReDoS)
Transformers is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expression processing due to nested quantifiers in the preprocessstring function of transformers.testingutils, which can cause exponential backtracking and high CPU usage when...
libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate,...
libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate,...
Uncontrolled Memory Consumption in `SimpleDirectoryReader` Due to Post-Limit File Processing
Description Summary: The SimpleDirectoryReader component in llamaindex.core contains a resource management flaw where user-specified file limits numfileslimit are applied after fully enumerating and loading all discovered files into memory. This design causes uncontrolled memory consumption and...
Denial Of Service (DoS)
Django is vulnerable to Denial of Service DoS. The vulnerability is due to inefficient processing due to the django.utils.text.wrap method and wordwrap template filter, which can be exploited using very long strings to cause excessive resource consumption...
Regular Expression Denial Of Service (ReDoS)
CGI is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expression processing in the UtilescapeElement method, allowing an attacker to cause denial of service through excessive backtracking with crafted input...
CVE-2024-7592
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resourc...
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...