105 matches found
BIT-PYTHON-MIN-2020-10735
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...
Regular expression Denial of Service - ReDoS
Description A Regular Expression Denial of Service ReDoS vulnerability identified in the Transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issue...
Internet Bug Bounty: CVE-2024-38875: Denial-Of-Service through uncontrolled resource consumption caused by poor time complexity of strip_punctuation .
The vulnerability CVE-2024-38875 was discovered in the strippunctuation function used by the urlize and urlizetrunc filters. The function had a poor time complexity of On^2 in the worst case, which could lead to uncontrolled resource consumption when processing input with a large number of openin...
PT-2025-5893
Name of the Vulnerable Software and Affected Versions libtasn1 affected versions not specified Description A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can...
BIT-PYTHON-2020-10735
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...
NewStart CGSL MAIN 6.06 : python3 Multiple Vulnerabilities (NS-SA-2023-0130)
The remote NewStart CGSL host, running version MAIN 6.06, has python3 packages installed that are affected by multiple vulnerabilities: - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse an int...
Rocky Linux 9 : python3.9 (RLSA-2022:7323)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7323 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse an int...
Ubuntu 18.04 ESM / 20.04 ESM : hosted-git-info vulnerability (USN-5216-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5216-1 advisory. It was discovered that hosted-git-info incorrectly handled certain inputs. A remote attacker could use this to cause a denial of service. Tenable has...
RSEC-2023-6 Denial of Service (DoS) vulnerability
The commonmark package, specifically in its dependency on GitHub Flavored Markdown before version 0.29.0.gfm.1, has a vulnerability related to time complexity. Parsing certain crafted markdown tables can take On n time, leading to potential Denial of Service attacks. This issue does not affect th...
Denial Of Service (DoS)
libcmark-gfm.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to polynomial time complexity when creating tables or footnotes, which allows an attacker to cause unbounded resource exhaustion...
SUSE CVE-2023-37463
cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. These vulnerabilities have been...
Regular Expression Denial Of Service (ReDoS)
word-wrap is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists due to the usage of an regular expression with inefficient time complexity, resulting in long parsing times...
EulerOS Virtualization 3.0.6.0 : python3 (EulerOS-SA-2023-2229)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system...
CVE-2023-26485
A flaw was found in CommonMarker. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service...
Risk of Gas Limit Exceedance During Proposal Sorting
Lines of code Vulnerability details Impact The array of up to 10 proposals using the insertion sort algorithm in insertionSortProposalsByVotes function in the StandardFunding.sol contract but, if the number of proposals exceeds 10, the sorting process may cause the function to exceed the block ga...
Denial Of Service (DoS)
libcmark-gfm.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to polynomial time complexity issues that may lead to unbounded resource exhaustion causing an application crash...
SUSE CVE-2023-26485
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...
CVE-2023-26485
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...
Design/Logic Flaw
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...
CVE-2023-26485
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...