Lucene search
K

5 matches found

NVD
NVD
added 2026/06/25 5:16 a.m.9 views

CVE-2026-13311

shell-quote prior to 1.8.5 finalizes parsed tokens in parse using Array.prototype.concat as a reduce accumulator, which reallocates and copies the entire growing array on every iteration. As a result parse runs in On^2 time relative to the number of input tokens. An attacker who can supply an...

8.7CVSS0.0036EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/03 11:24 p.m.6 views

SUSE CVE-2026-34827

Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Multipart::Parserhandlemimehead parses quoted multipart parameters such as Content-Disposition: form-data; name="..." using repeated Stringindex searches combined with...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References3
OSV
OSV
added 2025/05/05 4:31 p.m.3 views

USN-7476-1 python-scrapy vulnerabilities

It was discovered that Scrapy improperly exposed HTTP authentication credentials to request targets, including during redirects. An attacker could use this issue to gain unauthorized access to user accounts. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-41125 It was...

8.8CVSS5.8AI score0.01243EPSS
Exploits5References7
Snyk
Snyk
added 2024/11/22 3:50 a.m.5 views

Regular Expression Denial of Service (ReDoS)

Overview tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to inefficient cookie parsing that results in quadratic performance. An attacker...

7.5CVSS6.8AI score0.01051EPSS
Exploits0References2
OSV
OSV
added 2022/09/09 2:15 p.m.35 views

CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

7.5CVSS8.5AI score0.03213EPSS
Exploits0References29
Rows per page
Query Builder