5 matches found
UBUNTU-CVE-2026-4923
Impact: When using multiple wildcards, combined with at least one parameter, a regular expression can be generated that is vulnerable to ReDoS. This backtracking vulnerability requires the second wildcard to be somewhere other than the end of the path. Unsafe examples: /foo-bar-:baz /a-:b-c-:d...
PT-2026-28675
Name of the Vulnerable Software and Affected Versions path-to-regexp versions prior to 8.4.0 Description A flawed regular expression is created when multiple sequential optional groups using curly brace syntax are present, such as abc:z. The resulting regular expression expands exponentially with...
PT-2025-52599
Name of the Vulnerable Software and Affected Versions PHP versions 8.1.0 through 8.1.33 PHP versions 8.2.0 through 8.2.29 PHP versions 8.3.0 through 8.3.28 PHP versions 8.4.0 through 8.4.15 PHP versions 8.5.0 Description When using the PDO PostgreSQL driver with PDO::ATTR EMULATE PREPARES enabled...
PT-2021-3765 · Juniper Networks · Sbr Carrier
Name of the Vulnerable Software and Affected Versions: Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R18 Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R9 Juniper Networks SBR Carrier versions 8.6.0 through 8.6.0R3 Description: The issue is caused by a stack-based buffer...
PT-2019-19047 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: Jira versions prior to 8.4.0 Description: The issue concerns an information disclosure vulnerability in the /rest/api/latest/groupuserpicker resource. This allows remote attackers to enumerate usernames. Recommendations: For versions prior to...