39 matches found
EUVD-2025-25266
Malicious code in bioql PyPI...
EUVD-2025-25267
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-54364
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. optiondescriptions employs an inefficient regular...
GHSA-XH9H-692F-MMG4 vulnerabilities
Vulnerabilities for packages: az, py3-knack...
CVE-2025-54363 vulnerabilities
Vulnerabilities for packages: az, py3-knack...
CVE-2025-54364 vulnerabilities
Vulnerabilities for packages: az, py3-knack...
GHSA-6FXP-P9MG-Q64W vulnerabilities
Vulnerabilities for packages: az, py3-knack...
GHSA-XH9H-692F-MMG4 vulnerabilities
Vulnerabilities for packages: az, py3-knack...
CVE-2025-54364 vulnerabilities
Vulnerabilities for packages: az, py3-knack...
CVE-2025-54364
Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. optiondescriptions employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings containing a...
CVE-2025-54363
Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. extractfullsummaryfromsignature employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings...
GHSA-XH9H-692F-MMG4 Withdrawn Advisory: Microsoft Knack ReDoS Vulnerability in the Introspection Module
Withdrawn Advisory This advisory has been withdrawn because the attack surface of this vulnerability is outside of Knack's intended functionality. The maintainer states the following: These CVEs are invalid. Knack is a CLI framework used by Azure CLI. It's a local library, not a web service. In...
Withdrawn Advisory: Microsoft Knack ReDoS Vulnerability in the Introspection Module
Withdrawn Advisory This advisory has been withdrawn because the attack surface of this vulnerability is outside of Knack's intended functionality. The maintainer states the following: These CVEs are invalid. Knack is a CLI framework used by Azure CLI. It's a local library, not a web service. In...
GHSA-6FXP-P9MG-Q64W Withdrawn Advisory: Microsoft Knack ReDoS Vulnerability in the Introspection Module
Withdrawn Advisory This advisory has been withdrawn because the attack surface of this vulnerability is outside of Knack's intended functionality. The maintainer states the following: These CVEs are invalid. Knack is a CLI framework used by Azure CLI. It's a local library, not a web service. In...
Withdrawn Advisory: Microsoft Knack ReDoS Vulnerability in the Introspection Module
Withdrawn Advisory This advisory has been withdrawn because the attack surface of this vulnerability is outside of Knack's intended functionality. The maintainer states the following: These CVEs are invalid. Knack is a CLI framework used by Azure CLI. It's a local library, not a web service. In...
CVE-2025-54363
Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. extractfullsummaryfromsignature employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings...
CVE-2025-54363
Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. extractfullsummaryfromsignature employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings...
CVE-2025-54364
Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. optiondescriptions employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings containing a...
CVE-2025-54364
Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. optiondescriptions employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings containing a...
DEBIAN-CVE-2025-54364
Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. optiondescriptions employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings containing a...