CVE-2021-45470

Опубликовано: 23 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

lib/DatabaseLayer.py in cve-search before 4.1.0 allows regular expression injection, which can lead to ReDoS (regular expression denial of service) or other impacts.

Ссылки

https://github.com/cve-search/cve-search/commit/c621f9f0693a728b93ff3b964f948a1d25917207
Patch
Third Party Advisory
https://github.com/cve-search/cve-search/compare/v4.0...v4.1.0
Third Party Advisory
https://github.com/cve-search/cve-search/pull/629
Exploit
Patch
Third Party Advisory
https://github.com/cve-search/cve-search/commit/c621f9f0693a728b93ff3b964f948a1d25917207
Patch
Third Party Advisory
https://github.com/cve-search/cve-search/compare/v4.0...v4.1.0
Third Party Advisory
https://github.com/cve-search/cve-search/pull/629
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:circl:cve-search:*:*:*:*:*:*:*:*

Версия до 4.1.0 (исключая)

EPSS

Процентиль: 61%

0.00408

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-1333

Связанные уязвимости

GHSA-hq5r-m79m-vm9v