8 matches found
GHSA-W6Q7-J642-7C25 vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`
Summary A Regular Expression Denial of Service ReDoS vulnerability exists in the file vllm/entrypoints/openai/toolparsers/pythonictoolparser.py of the vLLM project. The root cause is the use of a highly complex and nested regular expression for tool call detection, which can be exploited by an...
Denial Of Service (DoS)
github.com/golang/go is vulnerable to Denial Of Service DoS. An attacker can crash the application by providing a deeply nested regular expression to reuse function of parse.go...
NewStart CGSL CORE 5.04 / MAIN 5.04 : perl Multiple Vulnerabilities (NS-SA-2021-0099)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has perl packages installed that are affected by multiple vulnerabilities: - Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...
EulerOS 2.0 SP8 : perl (EulerOS-SA-2020-1820)
According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Perl before 5.30.3 has an integer overflow related to mishandling of a 'PLregkindOPn == NOTHING' situation. A crafted regular expression could lea...
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...
Integer overflow
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. An application written in Perl would only be vulnerable to this flaw if it evaluates regular expressions supplied by the attacker. Evaluating regular...