20 matches found
EUVD-2026-28376
Decimal: Unbounded exponent in Decimal.new enables unauthenticated DoS...
HSEC-2023-0007 readFloat: memory exhaustion with large exponent
readFloat: memory exhaustion with large exponent Numeric.readFloat takes time and memory linear in the size of the number denoted by the input string. In particular, processing a number expressed in scientific notation with a very large exponent could cause a denial of service. The slowdown is...
SUSE SLES15 Security Update : haproxy (SUSE-SU-2025:03589-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03589-1 advisory. - CVE-2025-11230: Fixed issue in the mjson JSON decoder, that could have let to excessive resource consumption when processing numbers with large...
EUVD-2017-0214
Malware in sbrugna...
python-django: Memory exhaustion in django.utils.numberformat.floatformat()
A security issue was found in Django. If 'floatformat' received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is...
In Go before 1.15.13 and 1.16.x before 1.16.5 there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.
...
python-django: Memory exhaustion in django.utils.numberformat.floatformat()
A security issue was found in Django. If 'floatformat' received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is...
CVE-2024-41989
A security issue was found in Django. If 'floatformat' received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is. Mitigation Mitigation for th...
GHSA-JH75-99HH-QVX9 Django memory consumption vulnerability
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...
PYSEC-2024-67
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...
PYSEC-2024-67
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...
Django 安全漏洞
Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions prior to 5.0 through 5.0.8 and 4.2 throug...
SUSE CVE-2006-2940
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service CPU consumption via parasitic public keys with large 1 "public exponent" or 2 "public modulus" values in X.509 certificates that require extra time to process when using RSA...
SUSE CVE-2021-33198
In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method...
GHSA-QPGV-G792-WH6X Uncontrolled Resource Consumption in parse_duration
An issue was discovered in the parseduration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service CPU and memory consumption via a duration string with a large exponent...
Design/Logic Flaw
In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method...
CVE-2021-29932
An issue was discovered in the parseduration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service CPU and memory consumption via a duration string with a large exponent...
CVE-2021-29932
An issue was discovered in the parseduration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service CPU and memory consumption via a duration string with a large exponent...
CVE-2021-29932
An issue was discovered in the parseduration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service CPU and memory consumption via a duration string with a large exponent...
DEBIAN-CVE-2006-2940
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service CPU consumption via parasitic public keys with large 1 "public exponent" or 2 "public modulus" values in X.509 certificates that require extra time to process when using RSA...