3 matches found
GHSA-7FQQ-Q52P-2JJG OpenCC has an Out-of-bounds read when processing truncated UTF-8 input
Summary OpenCC versions before 1.2.0 contain two CWE-125: Out-of-bounds Read issues caused by length validation failures in UTF-8 processing. When handling malformed or truncated UTF-8 input, OpenCC trusted derived length values without enforcing the invariant that processed length must not excee...
CVE-2025-66020 Valibot has a ReDoS vulnerability in `EMOJI_REGEX`
Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU...
PYSEC-2021-323
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Versions of Products.isurlinportal prior to 1.2.0 have an Open Redirect vulnerability. Various parts of Plone use the 'is url in portal' check for security, mostly to see if it is safe to redirect to a url. A url like...