Lucene search
K

4 matches found

Debian CVE
Debian CVE
added 2026/06/22 2:59 p.m.5 views

CVE-2026-53550

js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size an...

5.3CVSS5.8AI score0.00259EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/06/15 5:15 p.m.67 views

JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases

Summary A crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relative...

5.3CVSS5.5AI score0.00259EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.10 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.212 contained security vulnerabilities, which were caused by the lack of consideration for the limitusercustomervisibility...

7.6CVSS5.8AI score0.00235EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-39931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop...

5.5CVSS6.5AI score0.00137EPSS
Exploits0References4
Rows per page
Query Builder