Lucene search

8 matches found

RedHat Linux
added 2024/06/10 6:41 p.m. · 2 views

psf/black: ReDoS via the lines_with_leading_tabs_expanded() function in strings.py file

The python-black package is susceptible to a regular expression denial of service (ReDoS) vulnerability, found in the lines_with_leading_tabs_expanded function within the strings.py file. This vulnerability could be exploited by running Black on untrusted input or by inserting numerous leading tab...

CVSS 5.3 · AI score 7.1 · EPSS 0.00971
Exploits 0 · References 7
OSV
added 2024/03/19 5:15 a.m. · 2 views

DEBIAN-CVE-2024-21503

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting thi...

CVSS 5.3 · AI score 6.3 · EPSS 0.00971
Exploits 0 · References 1
PyPA
added 2024/03/19 5:15 a.m. · 6 views

PYSEC-2024-48

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting thi...

CVSS 5.3 · AI score 7.4 · EPSS 0.00971
Exploits 0 · References 4 · Affected Software 1
OSV
added 2024/03/19 5:15 a.m. · 0 views

UBUNTU-CVE-2024-21503

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting thi...

CVSS 5.3 · AI score 7.1 · EPSS 0.00971
Exploits 0 · References 5
SUSE CVE
added 2024/03/19 3:37 a.m. · 2 views

SUSE CVE-2024-21503

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting thi...

CVSS 7.5 · AI score 8 · EPSS 0.00971
Exploits 0 · References 4
CNNVD
added 2024/03/19 12:0 a.m. · 2 views

black Security breach

Black is a Python code formatting program. A security vulnerability exists in versions prior to black 24.3.0 that stems from the lines_with_leading_tabs_expanded function in the strings.py file being vulnerable to a denial-of-service attack, which can be exploited to cause a denial of service by...

CVSS 5.3 · AI score 6.8 · EPSS 0.00971
Exploits 0 · References 5
Positive Technologies
added 2024/03/18 12:0 a.m. · 3 views

PT-2024-2442 · Black +1

Name of the Vulnerable Software and Affected Versions: black versions prior to 24.3.0
Description: The issue is related to a Regular Expression Denial of Service (ReDoS) vulnerability via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this by craftin...

CVSS 5.3 · AI score 6.3 · EPSS 0.00971
Exploits 0 · References 28
Snyk
added 2024/02/20 2:13 p.m. · 2 views

Regular Expression Denial of Service (ReDoS)

Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this...

CVSS 5.3 · AI score 6.7 · EPSS 0.00971
Exploits 0 · References 2