GHSA-g3pv-pj5f-3hfq: mechanize Regular Expression Denial of Service vulnerability

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service (ReDoS) prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for the issue.


High severity • GitHub Reviewed • Published Jan 18, 2023 • Updated Jan 20, 2023

Related news

CVE-2021-32837: GHSL-2021-108: ReDoS (Regular Expression Denial of Service) in mechanize - CVE-2021-32837
