Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/03/14 12:0 a.m.11 views

EulerOS Virtualization 2.10.0 : python-configobj (EulerOS-SA-2024-1388)

According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

5.9CVSS5.4AI score0.01259EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2023/04/03 1:14 p.m.30 views

CVE-2023-26112

A flaw was found in python-configobj via the Validator function at python-configobj/validate.py. This issue only occurs in the case of a developer putting the offending value in a server side configuration file, which could lead to a Regular Expression Denial of Service ReDoS...

5.9CVSS5.5AI score0.01259EPSS
Exploits1References3
NVD
NVD
added 2023/04/03 5:15 a.m.19 views

CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

5.9CVSS4.7AI score0.01259EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2023/04/03 12:0 a.m.25 views

py39-configobj -- vulnerable to Regular Expression Denial of Service

DarkTinia reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?.. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file...

5.9CVSS5.9AI score0.01259EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/04/03 12:0 a.m.15 views

Configobj -- Regular Expression Denial of Service attack

[email protected] reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?..Note: This is only exploitable in the case of a developer putting the offending value in a server side configuration file...

5.9CVSS6.8AI score0.01259EPSS
Exploits1References1
Rows per page
Query Builder