9 matches found
CVE-2023-33289
The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to lib.rs. NOTE: the Supplier disputes this, taking the position that "Slow printing of URLs is not a CVE."...
Withdrawn Advisory: urlnorm vulnerable to Regular Expression Denial of Service
Withdrawn Advisory This advisory has been withdrawn because the security impact of the slow printing of URLs has been disputed. This link is maintained to preserve external references. Original Description The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service ReDos...
GHSA-FQHP-RHM6-8RRJ Withdrawn Advisory: urlnorm vulnerable to Regular Expression Denial of Service
Withdrawn Advisory This advisory has been withdrawn because the security impact of the slow printing of URLs has been disputed. This link is maintained to preserve external references. Original Description The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service ReDos...
CVE-2023-33289
The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to lib.rs. NOTE: the Supplier disputes this, taking the position that "Slow printing of URLs is not a CVE."...
CVE-2023-33289
The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to lib.rs. NOTE: the Supplier disputes this, taking the position that "Slow printing of URLs is not a CVE."...
CVE-2023-33289
The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to lib.rs. NOTE: the Supplier disputes this, taking the position that "Slow printing of URLs is not a CVE."...
CVE-2023-33289
The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to lib.rs. NOTE: the Supplier disputes this, taking the position that "Slow printing of URLs is not a CVE."...
CVE-2023-33289
The CVE-2023-33289 entry concerns the Rust crate urlnorm (version up to 0.1.4). A Regular Expression Denial of Service (ReDoS) is described when processing a crafted URL in lib.rs. Reported CVSS v3.1 base metrics indicate Network attack vector, low attack complexity, no privileges required, and a...
urlnorm 安全漏洞
urlnorm is a URL normalization library for Rust open sourced by progscrape. A security vulnerability exists in urlnorm version 0.1.4 and earlier, which stems from a vulnerability that allows a regular expression denial of service ReDos via a crafted lib.rs URL...