Lucene search
K

135 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2016-6173

Malware in sbrugna...

6.5CVSS7.9AI score0.01109EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1827

Malicious code in bioql PyPI...

5.3CVSS6.2AI score0.01698EPSS
Exploits0References19
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-1038

Malicious code in bioql PyPI...

5.3CVSS6.1AI score0.02637EPSS
Exploits0References31
OSV
OSV
added 2025/08/19 4:51 p.m.6 views

CLSA-2025-1755617966 ruby: Fix of CVE-2023-36617

CVE-2023-36617: fix mishandling invalid URLs that have specific characters in URI parser to prevent ReDoS issue...

5.3CVSS6.5AI score0.01698EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:49 p.m.8 views

CVE-2022-41606

HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0...

6.5CVSS6.7AI score0.00716EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.4 views

CVE-2022-1157

Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 of GitLab CE/EE causes potential sensitive values in invalid URLs to be logged...

3.5CVSS6.7AI score0.0062EPSS
Exploits0References1
OSV
OSV
added 2025/01/27 7:20 a.m.12 views

BIT-RUBY-MIN-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

5.3CVSS6.9AI score0.02452EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/10/02 12:0 a.m.26 views

Amazon Linux 2 : php (ALASPHP8.2-2024-005)

The version of php installed on the remote host is prior to 8.2.23-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2PHP8.2-2024-005 advisory. In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as...

5.3CVSS7.2AI score0.12117EPSS
Exploits1References4
Redos
Redos
added 2024/08/26 12:0 a.m.33 views

ROS-20240826-12

Vulnerability of Ruby programming language components rfc2396parser.rb and rfc3986parser.rb is related to incorrect implementation of processing invalid URLs. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability in the URI component of th...

5.3CVSS7.2AI score0.02637EPSS
Exploits0
Redos
Redos
added 2024/08/26 12:0 a.m.28 views

ROS-20240826-09

The vulnerability in the Time library of the Ruby interpreter is related to the use of regular expression c inefficient computational complexity. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the URI component of the Ruby...

5.3CVSS7.1AI score0.02637EPSS
Exploits0
Debian
Debian
added 2024/06/18 9:8 a.m.36 views

[SECURITY] [DLA 3833-1] php7.3 security update

Debian LTS Advisory DLA-3833-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 17, 2024 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u7 CVE ID : CVE-2024-5458 Debian Bug : 1072885 PHP, a widely-used open source general purpose scripting...

5.3CVSS6.7AI score0.12117EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2024/04/01 1:31 a.m.6 views

rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This issue may result in a regular expression denial of service ReDoS...

5.3CVSS7.5AI score0.02637EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.32 views

Rocky Linux 8 : ruby:3.1 (RLSA-2024:1431)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1431 advisory. - The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that...

8.8CVSS8.1AI score0.02637EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/03/19 6:46 p.m.5 views

ruby: ReDoS vulnerability in URI

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This may result in a regular expression denial of service ReDoS...

5.3CVSS7.5AI score0.02637EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 11:4 a.m.36 views

BIT-RUBY-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...

5.3CVSS7.2AI score0.02452EPSS
Exploits0References12
CISA KEV Catalog
CISA KEV Catalog
added 2024/02/15 12:0 a.m.55 views

Cisco ASA and FTD Information Disclosure Vulnerability

Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software...

7.5CVSS7AI score0.71789EPSS
In wildExploits0
RedHat Linux
RedHat Linux
added 2023/11/14 3:32 p.m.5 views

ruby: ReDoS vulnerability in URI

A flaw was found in the rubygem URI. The URI parser mishandles invalid URLs that have specific characters, which causes an increase in execution time parsing strings to URI objects. This may result in a regular expression denial of service ReDoS...

5.3CVSS7.5AI score0.02637EPSS
Exploits0References5
Redos
Redos
added 2023/10/03 12:0 a.m.51 views

ROS-20230929-01

Vulnerability in the URI component of the Ruby programming language, related to improper handling of invalid URLs containing certain characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the...

7.5CVSS5.6AI score0.05533EPSS
Exploits0
Veracode
Veracode
added 2023/07/22 11:40 p.m.19 views

Improper Authorization

gitLab is vulnerable to Missing Sanitization. This vulnerability exits due to the lack of validation of request URLs, allowing an attacker to include sensitive values from logged exception messages within invalid URLs, which are then logged...

5.3CVSS6.8AI score0.00537EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2023/07/22 11:22 p.m.18 views

Improper Authentication

GitLab is vulnerable to Missing Sanitization. This vulnerability exits due to the lack of validation of request URLs, allowing an attacker to include sensitive values from logged exception messages within invalid URLs, which are then logged...

6.5CVSS6.5AI score0.01129EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder