26 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-49851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately O...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the parselinktext function of mistune/inlineparser.py, which performs a regex search inside a loop that advances one character at a time when parsing fails, producing On² behavior...
CVE-2026-49851
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...
CVE-2026-49851 Mistune: Potential DoS via quadratic-time parsing in parse_link_text
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...
CVE-2026-49851
Mistune (Python Markdown parser) prior to 3.3.0 is vulnerable to CPU exhaustion DoS due to quadratic-time behavior in parse_link_text when parsing many consecutive '[' characters. The code repeatedly scans input with a regex inside a loop, yielding O(n^2) runtime on affected inputs and enabling a...
CVE-2026-49851 Mistune: Potential DoS via quadratic-time parsing in parse_link_text
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: media:v4l2-core: A potential resource leak was fixed in v4l2fwnodeparselink. If the fwnodegraphgetremoteendpoint function fails, fwnode is known to be NULL. Therefore, fwnodehandlePUT is a no-op. Instead, the reference taken...
GHSA-HJPH-F4MC-WX4C Duplicate Advisory: Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8mp2-v27r-99xp. This link is maintained to preserve external references. Original Description Summary Denial-of-Service DoS vulnerability in the Mistune Markdown parser. The issue occurs when processing speciall...
Duplicate Advisory: Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8mp2-v27r-99xp. This link is maintained to preserve external references. Original Description Summary Denial-of-Service DoS vulnerability in the Mistune Markdown parser. The issue occurs when processing speciall...
Linux Distros Unpatched Vulnerability : CVE-2023-54183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput i...
CVE-2023-54183
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...
SUSE CVE-2023-54183
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...
EUVD-2023-60458
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...
CVE-2023-54183
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...
CVE-2023-54183 media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...
CVE-2023-54183
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper resource release in the v4l2fwnodeparselink function, which could lead to a resource leak...
EUVD-2023-60251
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...
EUVD-2022-0673
Malicious code in bioql PyPI...
@abi-software/flatmap-viewer (>=1.0.2 <=2.1.0-beta.1), @abi-software/flatmapvuer (>=0.1.0 <=0.1.33-beta-1) +854 more potentially affected by CVE-2021-23490 via parse-link-header (>=0.1.0 <=1.0.1)
parse-link-header NPM version =0.1.0, =1.0.2, =0.1.0, =1.1.0, =2.0.0, =0.1.0, =0.1.0, =1.5.1, =1.1.0, =1.1.0, =0.1.0, =1.5.1, =0.2.0, =1.5.1, =2.0.0-alpha.1, =2.0.0-alpha.11 and more Source cves: CVE-2021-23490 Source advisory: OSV:GHSA-Q674-XM3X-2926...