Azure Linux 3.0 Security Update: librsvg2 (CVE-2022-24713)

The version of librsvg2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24713 advisory. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in...

Amazon Linux 2023 : amazon-efs-utils (ALAS2023-2025-1283)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1283 advisory. regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or...

SUSE-SU-2025:3911-1 Security update for rav1e

This update for rav1e fixes the following issues: - CVE-2022-24713: Updated crate regex to 1.5.5 that resolves a ReDoS issue bsc1196972...

EUVD-2022-1468

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-24713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caus...

Regular expression denial of service in Rust's regex crate

...

SUSE SLED15 / SLES15 Security Update : rustup (SUSE-SU-2022:3949-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3949-1 advisory. - An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. I...

Ubuntu 20.04 LTS / 22.04 LTS : rust-regex vulnerability (USN-5610-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5610-1 advisory. Addison Crump discovered that rust-regex did not properly limit the complexity of the regular expressions regex it parses. An attacker could possibly...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

Debian DLA-2971-1 : firefox-esr - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2971 advisory. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks cause...

Security Vulnerabilities fixed in Thunderbird 91.8 — Mozilla

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the...

GHSA-M5PQ-GVJ9-9VR8 Rust's regex crate vulnerable to regular expression denial of service

This is a cross-post of the official security advisoryadvisory. The official advisory contains a signed version with our PGP key, as well. advisory: https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw The Rust Security Response WG was notified that the regex crate did not...

UBUNTU-CVE-2022-24713

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

CVE-2022-24713

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

CVE-2022-24713 Regular expression denial of service in Rust's regex crate

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

CVE-2022-24713

CVE-2022-24713 affects the Rust regex crate. A bug in the mitigations for untrusted regexes may allow denial-of-service via specially crafted regexes executed against user-controlled input. All versions ≤ 1.5.4 are affected; the fix starts with regex 1.5.5. Upgrading to a newer regex crate versio...

CVE-2022-24713 Regular expression denial of service in Rust's regex crate

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...