CVE-2022-40023

Опубликовано: 07 сент. 2022

Источник: debian

EPSS Низкий

Описание

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mako	fixed	1.2.2+ds1-1		package

Примечания

https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c (rel_1_2_2)
https://github.com/sqlalchemy/mako/issues/366

EPSS

Процентиль: 76%

0.00955

Низкий

Связанные уязвимости

CVE-2022-40023

CVSS3: 7.5

ubuntu

больше 3 лет назад

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

CVE-2022-40023

CVSS3: 7.5

redhat

больше 3 лет назад

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

CVE-2022-40023

CVSS3: 7.5

nvd

больше 3 лет назад

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

CVE-2022-40023

CVSS3: 7.5

msrc

больше 3 лет назад

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

SUSE-SU-2022:3979-1

suse-cvrf

около 3 лет назад

Security update for python-Mako

EPSS

Процентиль: 76%

0.00955

Низкий