python: urllib.parse url blocklisting bypass

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...

python: urllib.parse url blocklisting bypass

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...

python: urllib.parse url blocklisting bypass

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...

The vulnerability of the parse_required_member() function in the protobuf-c data serialization protocol, related to integer overflow, allows a attacker to execute arbitrary code and completely compromise the system.

The vulnerability of the parserequiredmember function in the protobuf-c data serialization protocol is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and cause the system to be completely compromised...

OSV-2023-497 Stack-buffer-overflow in parse_regex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59907 Crash type: Stack-buffer-overflow READ 1 Crash state: parseregex parseregex parseregex...

CVE-2023-35862

libcoap 4.3.1 contains a buffer over-read via the function coapparseoscoreconfmem at coaposcore.c...

python: urllib.parse url blocklisting bypass

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...

python: urllib.parse url blocklisting bypass

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...

python: urllib.parse url blocklisting bypass

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...

golang: go/parser: Infinite loop in parsing

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service...

git-url-parse crate vulnerable to Regular Expression Denial of Service

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

cranko (>=0.0.21 <=0.16.0), diener (>=0.1.0 <=0.4.2) +9 more potentially affected by CVE-2023-33290 via git-url-parse (>=0.2.0 <=0.3.1)

git-url-parse CARGO version =0.2.0, =0.0.21, =0.1.0, =0.0.1, =0.0.1, =2.3.0, =0.1.0, =0.3.1, =0.1.1, =0.1.0, =0.2.1 Source cves: CVE-2023-33290 Source advisory: OSV:GHSA-QFH9-8P57-MJJJ...

GHSA-QFH9-8P57-MJJJ git-url-parse crate vulnerable to Regular Expression Denial of Service

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

CVE-2023-33290

CVE-2023-33290 affects the Rust crate for parsing Git URLs, specifically the git-url-parse crate up to version 0.4.4. The vulnerability is a Regular Expression Denial of Service (ReDoS) via a crafted URL to the normalize_url function in lib.rs. This can lead to high impact on availability (Denial...

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

PT-2023-24272 · Unknown · Giturlparse

Name of the Vulnerable Software and Affected Versions: git-url-parse versions 0.4.4 and earlier Description: The issue allows Regular Expression Denial of Service ReDos via a crafted URL to normalize url in lib.rs. This is similar to an issue found in Python. Recommendations: For versions 0.4.4 a...

git-url-parse 安全漏洞

npm git-url-parse is an npm module from npm that is used to parse the URL addresses of Git repositories. A security vulnerability exists in git-url-parse crate 0.4.4 and earlier, which stems from a Regular Expression Denial of Service ReDos vulnerability...

PT-2023-35867 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Global-buffer-overflow READ 1. The crash state involves functions such as xmlDictLookup, xmlParseNCNam...