Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/05/19 8:9 p.m.14 views

Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal

Summary dasel's selector lexer enters a non-terminating loop when tokenizing an unterminated regex pattern such as r/abc. A 2-byte input r/ is sufficient to cause the tokenizer to consume 100% CPU on one core indefinitely. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8 a...

5.8AI score0.0005EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/19 8:9 p.m.7 views

GHSA-M6XR-FVFG-5G64 Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal

Summary dasel's selector lexer enters a non-terminating loop when tokenizing an unterminated regex pattern such as r/abc. A 2-byte input r/ is sufficient to cause the tokenizer to consume 100% CPU on one core indefinitely. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8 a...

7.5CVSS5.8AI score0.0005EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/19 8:8 p.m.19 views

Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string

Summary dasel's selector lexer panics with an index-out-of-range error when tokenizing a quoted string that ends with a trailing backslash e.g., "\ or '. A 2-byte input causes an immediate process crash via Go runtime panic. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8...

5.8AI score0.00052EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-42044

Name of the Vulnerable Software and Affected Versions dasel versions 3.0.0 through 3.3.1 Description The selector lexer contains a flaw that causes a process crash via a Go runtime panic when tokenizing a quoted string that ends with a trailing backslash. This occurs because the escape sequence...

7.5CVSS5.8AI score0.00052EPSS
Exploits0References4
Rows per page
Query Builder