@antv/auto-chart (>=2.0.0 <=2.1.0-alpha.0), @antv/chart-advisor (>=2.0.0 <=2.1.0-alpha.1) +4 more potentially affected by unknown CVE via @antv/data-wizard (>=2.0.4 <=2.1.0-alpha.5)

@antv/data-wizard NPM version =2.0.4, =2.0.0, =2.0.0, =1.2.0-beta.0, =2.0.0, =2.0.0, =0.0.1, =0.1.0-beta.57 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3869...

CLSA-2026-1778661102 ruby: Fix of CVE-2023-28756

CVE-2023-28756: fix ReDoS in Time.rfc2822 by linearizing the RFC2822 parser regex in lib/time.rb to prevent quadratic backtracking on crafted invalid input...

time 安全漏洞

time is a date and time handling library in Rust developed by Time. Versions of time from 0.3.6 to 0.3.47 contained a security vulnerability. This vulnerability occurred when user-provided inputs were passed to types that parse RFC 2822 formats, potentially leading to a denial-of-service attack d...

[SECURITY] Fedora 42 Update: golang-github-facebook-time-0^20251216git61f7510-2.fc42

Meta's Time libraries...

[SECURITY] Fedora 42 Update: golang-github-facebook-time-0^20251021gite970944-1.fc42

Meta's Time libraries...

ROS-20240826-09

The vulnerability in the Time library of the Ruby interpreter is related to the use of regular expression c inefficient computational complexity. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the URI component of the Ruby...

Time4J Base 安全漏洞

Time4J is an advanced date, time and interval library for Java by the individual developer Meno Hochschild. A security vulnerability exists in Time4J Base version v5.9.3 that stems from the presence of a null pointer exception...

PubNub Security Breach

PubNub is a library of PubNub open source . It is used to take care of the infrastructure and APIs required to handle the real-time communication layer of an application. PubNub suffers from a security vulnerability that stems from an inefficient implementation of the AES-256-CBC encryption...

ruby: ReDoS vulnerability in Time

A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...

ruby: ReDoS vulnerability in Time

A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...

CVE-2023-28756

A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...

CVE-2023-22467

Luxon’s DateTime.fromRFC2822() on the 1.x branch before 1.38.1, the 2.x branch before 2.5.2, and the 3.x branch on 3.2.1 exhibits quadratic (N^2) complexity for some inputs, causing slowdowns for untrusted data (≈ &gt;10k chars) and enabling (Re)DoS. Patches exist in 1.38.1, 2.5.2, and 3.2.1; a r...

Luxon 安全漏洞

Luxon is a Moment.js open source library for handling dates and times in JavaScript. Luxon has a security vulnerability that stems from its DateTime.fromRFC2822 method having quadratic N^2 complexity on certain inputs resulting in a denial of service when a user enters untrusted data into the...

RUSTSEC-2020-0159 Potential segfault in `localtime_r` invocations

Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library...

MS12-013: Vulnerability in C Run-Time Library could allow remote code execution: February 14, 2012

MS12-013: Vulnerability in C Run-Time Library could allow remote code execution: February 14, 2012 INTRODUCTION Microsoft has released security bulletin MS12-013. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...

UBUNTU-CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

Microsoft Windows C Run-Time Library Remote Code Execution Vulnerability (2654428)

This host is missing a critical security update according to Microsoft Bulletin MS12-013. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

[security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01539423 Version: 1 HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access NOTICE: The information in this Security Bulletin should be...

CVE-2007-2998

The Pascal run-time library PAS$RTL.EXE before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service system crash via certain Pascal code...

CVE-2007-2998

The Pascal run-time library PAS$RTL.EXE before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service system crash via certain Pascal code...