Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - media: v4l2-core: A potential resource leak was fixed in v4l2fwnodeparselink. - If the fwnodegraphgetremoteendpoint function fails, and ‘fwnode’ is set to NULL, then fwnodehandlePUT is a no-op. Instead, release the reference...

Duplicate Advisory: Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8mp2-v27r-99xp. This link is maintained to preserve external references. Original Description Summary Denial-of-Service DoS vulnerability in the Mistune Markdown parser. The issue occurs when processing speciall...

GHSA-HJPH-F4MC-WX4C Duplicate Advisory: Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8mp2-v27r-99xp. This link is maintained to preserve external references. Original Description Summary Denial-of-Service DoS vulnerability in the Mistune Markdown parser. The issue occurs when processing speciall...

Linux Distros Unpatched Vulnerability : CVE-2023-54183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput i...

CVE-2023-54183

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

SUSE CVE-2023-54183

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

EUVD-2023-60458

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

CVE-2023-54183

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

CVE-2023-54183

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

CVE-2023-54183 media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper resource release in the v4l2fwnodeparselink function, which could lead to a resource leak...

EUVD-2023-60251

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...

EUVD-2022-0673

Malicious code in bioql PyPI...

@abi-software/flatmap-viewer (>=1.0.2 <=2.1.0-beta.1), @abi-software/flatmapvuer (>=0.1.0 <=0.1.33-beta-1) +852 more potentially affected by CVE-2021-23490 via parse-link-header (>=0.1.0 <=1.0.1)

parse-link-header NPM version =0.1.0, =1.0.2, =0.1.0, =1.1.0, =2.0.0, =0.1.0, =0.1.0, =1.5.1, =1.1.0, =1.1.0, =0.1.0, =1.5.1, =0.2.0, =1.5.1, =2.0.0-alpha.1, =2.0.0-alpha.11 and more Source cves: CVE-2021-23490 Source advisory: OSV:GHSA-Q674-XM3X-2926...

CVE-2021-23490

The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the checkHeader function...

Design/Logic Flaw

The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the checkHeader function...

CVE-2021-23490

CVE-2021-23490 affects the npm package parse-link-header . The issue is a Regular Expression Denial of Service (ReDoS) triggered by the checkHeader function in versions prior to 2.0.0 . Reported impact is CPU exhaustion that can degrade service or cause a denial of service. Remediation : upgrade ...

PT-2021-15535 · Unknown · Parse-Link-Header

Name of the Vulnerable Software and Affected Versions: parse-link-header versions prior to 2.0.0 Description: The issue concerns a Regular Expression Denial of Service ReDoS that can be triggered via the checkHeader function. This can lead to a denial of service. Recommendations: For versions pri...

parse-link-header 安全漏洞

parse-link-header parses the link header and returns paging information for each contained link. A security vulnerability exists in parse-link-header version 2.0.0 and earlier, which stems from the checkHeader function being vulnerable to a regular expression denial of service attack...

Regular Expression Denial of Service (ReDoS)

Overview parse-link-header is a package that parses a link header and returns paging information for each contained link. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the checkHeader function. PoC var parse = require'parse-link-header'; const...