5 matches found
MiracleLinux 8 : firefox-91.8.0-1.el8.ML.1 (AXSA:2022-3145:09)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3145:09 advisory. Mozilla: Use-after-free in NSSToken objects CVE-2022-1097 Mozilla: Out of bounds write due to unexpected WebAuthN Extensions CVE-2022-28281 Mozilla:...
Important: amazon-efs-utils
Issue Overview: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane...
SUSE-SU-2025:3911-1 Security update for rav1e
This update for rav1e fixes the following issues: - CVE-2022-24713: Updated crate regex to 1.5.5 that resolves a ReDoS issue bsc1196972...
ApacheLogAnonymizer (>=0.1.0 <=0.1.1), BrewStillery (>=1.0.0 <=6.0.2) +3234 more potentially affected by CVE-2022-24713 via regex (>=0.1.58 <=1.5.4)
regex CARGO version =0.1.58, =0.1.0, =1.0.0, =0.1.1, =0.7.0, =0.10.0, =0.1.0, =0.0.6, =0.1.1, =0.1.4, =0.1.0, =0.2.0 and more Source cves: CVE-2022-24713 Source advisory: OSV:RUSTSEC-2022-0013...
RUSTSEC-2022-0013 Regexes with large repetitions on empty sub-expressions take a very long time to parse
The Rust Security Response WG was notified that the regex crate did not properly limit the complexity of the regular expressions regex it parses. An attacker could use this security issue to perform a denial of service, by sending a specially crafted regex to a service accepting untrusted regexes...