17 matches found
Improper handling of null Unicode character when parsing JSON in github.com/modelcontextprotocol/go-sdk
The Go SDK recently transitioned to the segmentio/encoding library for JSON parsing in version 1.3.1. While this change addressed both case-insensitivity and ASCII folding issues, the new parser implemented aggressive key matching that treated keys with null Unicode characters appended at the end...
GHSA-Q382-VC8Q-7JHJ Improper handling of null Unicode character when parsing JSON in github.com/modelcontextprotocol/go-sdk
The Go SDK recently transitioned to the segmentio/encoding library for JSON parsing in version 1.3.1. While this change addressed both case-insensitivity and ASCII folding issues, the new parser implemented aggressive key matching that treated keys with null Unicode characters appended at the end...
EUVD-2023-0757
Malicious code in bioql PyPI...
is-url Inefficient Regular Expression Complexity vulnerability
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is an unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version 1.2....
GHSA-P9W8-2MPQ-49H9 is-url Inefficient Regular Expression Complexity vulnerability
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is an unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version 1.2....
CVE-2018-25079
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
CVE-2018-25079
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
Information disclosure
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
CVE-2018-25079 Segmentio is-url index.js redos
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version...
CVE-2018-25079
The CVE-2018-25079 entry concerns Segmentio is-url up to version 1.2.2. The issue is in an unknown function within index.js that causes inefficient regular expression complexity (redos). Impact is remote exploitation with potential denial of service risk (high availability impact) as per the CVSS...
PT-2023-10820 · Segmentio · Is-Url
Name of the Vulnerable Software and Affected Versions: Segmentio is-url versions up to 1.2.2 Description: A vulnerability was found in the file index.js, leading to inefficient regular expression complexity. The attack may be launched remotely. Recommendations: For versions up to 1.2.2, upgrade t...
is-url 安全漏洞
is-url is a library for detecting whether a string is a URL. A security vulnerability exists in Segmentio is-url versions prior to 1.2.3, which stems from a problem with an unknown function in the file index.js that causes inefficient regular expression complexity...
Fedora: Security Advisory for golang-github-segmentio-ksuid (FEDORA-2022-37aef44d1e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-segmentio-ksuid (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: golang-github-segmentio-ksuid-1.0.4-3.fc35
K-Sortable Globally Unique IDs...
Fedora: Security Advisory for golang-github-segmentio-ksuid (FEDORA-2022-ba365d3703)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: golang-github-segmentio-ksuid-1.0.4-3.fc36
K-Sortable Globally Unique IDs...