2120 matches found
In mistune through 2.0.2 support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking.
...
GHSA-FW3V-X4F2-V673 Mistune vulnerable to catastrophic backtracking
In Mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
DEBIAN-CVE-2022-34749
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
PYSEC-2022-237
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
CVE-2022-34749
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
CVE-2022-34749
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
PYSEC-2022-237
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
UBUNTU-CVE-2022-34749
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
Code injection
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
mistune 安全漏洞
mistune is a fast and powerful Python Markdown parser from the individual developer Hsiaoming Yang. A security vulnerability exists in mistune 2.0.2 and earlier versions, which stems from the fact that its support for inline markup is implemented through the use of regular expressions, which may...
CVE-2022-34749
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
PT-2022-22315 · Mistune +1 · Mistune +1
Name of the Vulnerable Software and Affected Versions: Mistune versions 2.0.2 and earlier Description: The issue arises from the support of inline markup in Mistune, which utilizes regular expressions. These regular expressions can lead to a high amount of backtracking on certain edge cases, a...
CVE-2022-34749
CVE-2022-34749 affects Mistune
CVE-2022-34749
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
Wallarm extends AWS API security with the official Terraform module
Wallarm API Security solution is now available in AWS as an official Terraform module, with a full feature set including autoscaling groups, API Gateway connector, mirroring, and agentless out-of-band deployments. To address modern cloud-native threats, API security vendor Wallarm released extend...
GSD-2022-1003505 f2fs: fix to do sanity check for inline inode
f2fs: fix to do sanity check for inline inode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...
GSD-2022-1003245 f2fs: fix to do sanity check for inline inode
f2fs: fix to do sanity check for inline inode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...
GSD-2022-1002955 f2fs: fix to do sanity check for inline inode
f2fs: fix to do sanity check for inline inode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...
GSD-2022-1002612 f2fs: fix to do sanity check for inline inode
f2fs: fix to do sanity check for inline inode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
Stored Cross-Site Scripting vulnerability in Recipe Instructions allows Admin session hijacking
Description A low privilege user can insert malicious JavaScript code into the Recipe Instructions which will execute in another person's browser that visits the recipe. Proof of Concept Reproduction Steps: 1. As a lower privileged user login to the Mealie web application. 2. Create a recipe and...