12 matches found
ROS-20260508-73-0014
Vulnerability in nodejs-minimatch related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
CVE-2026-3293
A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...
PT-2025-46138
Name of the Vulnerable Software and Affected Versions: REXML affected versions not specified Description: A flaw exists in REXML related to inefficient regular expression (regex) parsing when processing hex numeric character references &x... in XML documents. This can lead to a Regular Expression...
EUVD-2021-1154
Malware in sbrugna...
EUVD-2023-1717
Malicious code in bioql PyPI...
SUSE CVE-2024-45296
path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event...
AZL-49161 CVE-2024-45296 affecting package nodejs-nodemon 2.0.3-5
path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event...
OESA-2024-1254 python-django security update
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An inefficient regular expression complexity flaw was found in the Truncator.words function and truncatewords_html filter of Django. This issue may allow an attacker to use a...
SUSE-SU-2023:4176-1 Security update for ruby2.5
This update for ruby2.5 fixes the following issues: - CVE-2023-28755: Fixed a ReDoS vulnerability in URI. bsc1209891 - CVE-2023-28756: Fixed an expensive regexp in the RFC2822 time parser. bsc1209967 - CVE-2021-41817: Fixed a Regular Expression Denial of Service Vulnerability of Date Parsing...
PT-2023-10617 · Debug-Js · Debug-Js
Name of the Vulnerable Software and Affected Versions: debug-js debug versions up to 3.0.x debug-js debug version 2.6.x up to 2.6.8 Description: A vulnerability has been found in debug-js debug, affecting the useColors function of the file src/node.js. The manipulation of the argument str leads t...
PT-2022-8059 · Unknown · Email-Existence
Name of the Vulnerable Software and Affected Versions: email-existence affected versions not specified Description: A vulnerability was found in email-existence, rated as problematic. It affects some unknown functionality of the file index.js. The manipulation leads to inefficient regular...
SUSE-SU-2021:0601-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...