33 matches found
CVE-2026-41064
WWBN AVideo’s CVE-2026-33502 family is about an incomplete fix in plugin/Live/test.php. Affected versions (reported up to 29.0 in the CVE note, with related docs citing patch activity around commit 1e6cf03e93b5a5318204b010ea28440b0d9a5ab3) show that the wget path in test.php uses unsanitized user...
Security Bulletin: Vulnerabilities in Jetty, Eclipse Jetty, minimatch, url-regex, jsdiff, golang, qs and Apache Tomcat might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Jetty, Eclipse Jetty, minimatch, url-regex, jsdiff, golang, qs and Apache Tomcat. Vulnerabilities include the flaw in Eclipse Jetty could be used to bypass the authorization imposed by the intermediary as the...
WordPress rexCrawler plugin <= 1.0.15 - Reflected Cross-Site Scripting via 'url' and 'regex' Parameters vulnerability
Reflected Cross-Site Scripting via 'url' and 'regex' Parameters vulnerability discovered by san6051 - PWC in WordPress Plugin rexCrawler versions = 1.0.15...
CVE-2026-2277
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters in the search-pattern tester page in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for...
EUVD-2020-0514
Malware in sbrugna...
EUVD-2022-4139
Malicious code in bioql PyPI...
CVE-2020-7661
all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service...
PT-2023-29703 · Torbot +1 · Torbot +1
Name of the Vulnerable Software and Affected Versions: Torbot versions prior to 4.0.0 Description: The issue concerns the torbot.modules.validators.validate link function, which uses the python-validators URL validation regex. This regular expression has exponential complexity, allowing an attack...
Regular expression denial of service in url_regex
All versions of package url-regex are vulnerable to Regular Expression Denial of Service ReDoS which can cause the CPU usage to crash...
GHSA-HG3W-7HJ9-M3F7 Regular expression denial of service in url_regex
All versions of package url-regex are vulnerable to Regular Expression Denial of Service ReDoS which can cause the CPU usage to crash...
CVE-2022-21195
All versions of package url-regex are vulnerable to Regular Expression Denial of Service ReDoS which can cause the CPU usage to crash...
CVE-2022-21195
All versions of package url-regex are vulnerable to Regular Expression Denial of Service ReDoS which can cause the CPU usage to crash...
Code injection
All versions of package url-regex are vulnerable to Regular Expression Denial of Service ReDoS which can cause the CPU usage to crash...
CVE-2022-21195
CVE-2022-21195 concerns the Python package url_regex (url-regex); all versions are reported as vulnerable to Regular Expression Denial of Service (ReDoS) due to catastrophic backtracking in regex matching. Exploitation would cause high CPU usage, potentially crashing affected applications. Public...
CVE-2022-21195 Regular Expression Denial of Service (ReDoS)
All versions of package url-regex are vulnerable to Regular Expression Denial of Service ReDoS which can cause the CPU usage to crash...
url-regex 安全漏洞
url-regex is a regular expression library for matching URLs by Kevin Mårtensson, an individual developer in Sweden. A security vulnerability exists in url-regex that stems from vulnerability to Regular Expression Denial of Service ReDoS attacks, which can lead to CPU utilization crashes...
PT-2022-14915 · Url-Regex · Url-Regex
Name of the Vulnerable Software and Affected Versions: url-regex versions all Description: The issue is related to Regular Expression Denial of Service ReDoS, which can cause CPU usage to crash. Recommendations: For url-regex version all, consider disabling the use of the url-regex package until ...
OWASP ESAPI 安全漏洞
OWASP ESAPI is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. cross-site scripting vulnerabilities exist in versions of OWASP ESAPI prior to 2.3.0.0, which originate from the " onsiteURL" regular expression erro...
Regular Expression Denial of Service
Overview All versions of url-regex are vulnerable to a Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service. Recommendation There are no patches and the software is not currently maintained. The security researcher who found t...
Regular expression denial of service in url-regex
all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service...