11 matches found
CVE-2024-41655
TF2 Item Format helps users format TF2 items to the community standards. Versions of tf2-item-format since at least 4.2.6 and prior to 5.9.14 are vulnerable to a Regular Expression Denial of Service ReDoS attack when parsing crafted user input. This vulnerability can be exploited by an attacker t...
EUVD-2024-2298
Malicious code in bioql PyPI...
Regular Expression Denial Of Service (ReDoS)
tf2-item-format is vulnerable to a Regular Expression Denial of Service ReDoS. The vulnerability is due a regular expression with inefficient complexity utilized in decomposeName.ts, which allows an attacker to perform Denial of Service DoS attacks on any service that uses tf2-item-format to pars...
CVE-2024-41655
TF2 Item Format helps users format TF2 items to the community standards. Versions of tf2-item-format since at least 4.2.6 and prior to 5.9.14 are vulnerable to a Regular Expression Denial of Service ReDoS attack when parsing crafted user input. This vulnerability can be exploited by an attacker t...
CVE-2024-41655 TF2 Item Format Regular Expression Denial of Service vulnerability
TF2 Item Format helps users format TF2 items to the community standards. Versions of tf2-item-format since at least 4.2.6 and prior to 5.9.14 are vulnerable to a Regular Expression Denial of Service ReDoS attack when parsing crafted user input. This vulnerability can be exploited by an attacker t...
CVE-2024-41655 TF2 Item Format Regular Expression Denial of Service vulnerability
TF2 Item Format helps users format TF2 items to the community standards. Versions of tf2-item-format since at least 4.2.6 and prior to 5.9.14 are vulnerable to a Regular Expression Denial of Service ReDoS attack when parsing crafted user input. This vulnerability can be exploited by an attacker t...
CVE-2024-41655
CVE-2024-41655 affects the tf2-item-format library. Versions from at least 4.2.6 up to 5.9.13 are vulnerable to a Regular Expression Denial of Service (ReDoS) when parsing crafted user input, allowing DoS of services that use this library. Version 5.9.14 contains a fix. Upgrading to 5.9.14 or app...
CVE-2024-41655 TF2 Item Format Regular Expression Denial of Service vulnerability
TF2 Item Format helps users format TF2 items to the community standards. Versions of tf2-item-format since at least 4.2.6 and prior to 5.9.14 are vulnerable to a Regular Expression Denial of Service ReDoS attack when parsing crafted user input. This vulnerability can be exploited by an attacker t...
(ReDoS) Regular Expression Denial of Service in tf2-item-format
Summary Versions of tf2-item-format since at least 4.2.6 are vulnerable to a Regular Expression Denial of Service ReDoS attack when parsing crafted user input. Tested Versions - 5.9.13 - 5.8.10 - 5.7.0 - 5.6.17 - 4.3.5 - 4.2.6 v5 Upgrade package to ^5.9.14 v4 No patch exists. Please consult the v...
@automatedtf/catalog (>=0.0.1 <=0.0.27), @automatedtf/reactor (>=0.0.1 <=0.0.9) +6 more potentially affected by CVE-2024-41655 via tf2-item-format (>=4.3.5 <=5.10.1)
tf2-item-format NPM version =4.3.5, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.27, =0.0.2, =0.0.1, =1.3.4 Source cves: CVE-2024-41655 Source advisory: OSV:GHSA-8H55-Q5QQ-P685...
GHSA-8H55-Q5QQ-P685 (ReDoS) Regular Expression Denial of Service in tf2-item-format
Summary Versions of tf2-item-format since at least 4.2.6 are vulnerable to a Regular Expression Denial of Service ReDoS attack when parsing crafted user input. Tested Versions - 5.9.13 - 5.8.10 - 5.7.0 - 5.6.17 - 4.3.5 - 4.2.6 v5 Upgrade package to ^5.9.14 v4 No patch exists. Please consult the v...