Lucene search
K

105 matches found

OSV
OSV
added 2025/01/16 7:24 a.m.18 views

BIT-PYTHON-MIN-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

7.5CVSS7.6AI score0.03379EPSS
Exploits0References30
Huntr
Huntr
added 2024/12/03 10:12 a.m.16 views

Regular expression Denial of Service - ReDoS

Description A Regular Expression Denial of Service ReDoS vulnerability identified in the Transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issue...

7.5CVSS6.2AI score0.00684EPSS
Exploits0
Hacker One
Hacker One
added 2024/07/09 4:15 p.m.70 views

Internet Bug Bounty: CVE-2024-38875: Denial-Of-Service through uncontrolled resource consumption caused by poor time complexity of strip_punctuation .

The vulnerability CVE-2024-38875 was discovered in the strippunctuation function used by the urlize and urlizetrunc filters. The function had a poor time complexity of On^2 in the worst case, which could lead to uncontrolled resource consumption when processing input with a large number of openin...

7.5CVSS6AI score0.01187EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.3 views

PT-2025-5893

Name of the Vulnerable Software and Affected Versions libtasn1 affected versions not specified Description A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can...

5.3CVSS6.7AI score0.0107EPSS
Exploits0References99
OSV
OSV
added 2024/03/06 11:8 a.m.29 views

BIT-PYTHON-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

7.5CVSS7.6AI score0.03379EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2023/11/09 12:0 a.m.27 views

NewStart CGSL MAIN 6.06 : python3 Multiple Vulnerabilities (NS-SA-2023-0130)

The remote NewStart CGSL host, running version MAIN 6.06, has python3 packages installed that are affected by multiple vulnerabilities: - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse an int...

6.6AI score0.03379EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.21 views

Rocky Linux 9 : python3.9 (RLSA-2022:7323)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7323 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse an int...

7.5CVSS7AI score0.03379EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.52 views

Ubuntu 18.04 ESM / 20.04 ESM : hosted-git-info vulnerability (USN-5216-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5216-1 advisory. It was discovered that hosted-git-info incorrectly handled certain inputs. A remote attacker could use this to cause a denial of service. Tenable has...

5.3CVSS6.8AI score0.03612EPSS
Exploits1References2
OSV
OSV
added 2023/10/06 5:0 a.m.63 views

RSEC-2023-6 Denial of Service (DoS) vulnerability

The commonmark package, specifically in its dependency on GitHub Flavored Markdown before version 0.29.0.gfm.1, has a vulnerability related to time complexity. Parsing certain crafted markdown tables can take On n time, leading to potential Denial of Service attacks. This issue does not affect th...

6.5CVSS6.2AI score0.01566EPSS
Exploits0References3
Veracode
Veracode
added 2023/07/18 8:19 a.m.29 views

Denial Of Service (DoS)

libcmark-gfm.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to polynomial time complexity when creating tables or footnotes, which allows an attacker to cause unbounded resource exhaustion...

7.5CVSS6.8AI score0.00591EPSS
Exploits1References3Affected Software3
SUSE CVE
SUSE CVE
added 2023/07/15 2:17 a.m.3 views

SUSE CVE-2023-37463

cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. These vulnerabilities have been...

5.9CVSS6.9AI score0.00591EPSS
Exploits1References3
Veracode
Veracode
added 2023/06/29 7:13 a.m.42 views

Regular Expression Denial Of Service (ReDoS)

word-wrap is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists due to the usage of an regular expression with inefficient time complexity, resulting in long parsing times...

7.5CVSS6.8AI score0.01709EPSS
Exploits1References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.49 views

EulerOS Virtualization 3.0.6.0 : python3 (EulerOS-SA-2023-2229)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system...

9.8CVSS7.4AI score0.07017EPSS
Exploits3References6
RedhatCVE
RedhatCVE
added 2023/05/26 5:10 p.m.29 views

CVE-2023-26485

A flaw was found in CommonMarker. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service...

7.5CVSS6.8AI score0.01029EPSS
Exploits1References4
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.10 views

Risk of Gas Limit Exceedance During Proposal Sorting

Lines of code Vulnerability details Impact The array of up to 10 proposals using the insertion sort algorithm in insertionSortProposalsByVotes function in the StandardFunding.sol contract but, if the number of proposals exceeds 10, the sorting process may cause the function to exceed the block ga...

6.9AI score
Exploits0
Veracode
Veracode
added 2023/04/11 9:44 a.m.20 views

Denial Of Service (DoS)

libcmark-gfm.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to polynomial time complexity issues that may lead to unbounded resource exhaustion causing an application crash...

7.5CVSS7.3AI score0.01027EPSS
Exploits2References2Affected Software3
SUSE CVE
SUSE CVE
added 2023/04/04 2:15 a.m.2 views

SUSE CVE-2023-26485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

7.5CVSS6.8AI score0.01029EPSS
Exploits1References3
NVD
NVD
added 2023/03/31 11:15 p.m.35 views

CVE-2023-26485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

7.5CVSS6.7AI score0.01029EPSS
Exploits1References2
Prion
Prion
added 2023/03/31 11:15 p.m.17 views

Design/Logic Flaw

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

5CVSS7.7AI score0.01029EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2023/03/31 11:15 p.m.22 views

CVE-2023-26485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

7.5CVSS6.9AI score0.01029EPSS
Exploits1References3
Rows per page
Query Builder