Описание
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
A vulnerability was found in the mako package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 3 | python-pecan | Out of support scope | ||
| Red Hat Ceph Storage 4 | python-pecan | Affected | ||
| Red Hat Ceph Storage 5 | python-pecan | Affected | ||
| Red Hat Enterprise Linux 6 | python-mako | Out of support scope | ||
| Red Hat Enterprise Linux 7 | python-mako | Out of support scope | ||
| Red Hat Enterprise Linux 7 | resource-agents | Out of support scope | ||
| Red Hat Enterprise Linux 8 | resource-agents | Will not fix | ||
| Red Hat Openshift Container Storage 4 | python-pecan | Affected | ||
| Red Hat Openshift Data Foundation 4 | python-pecan | Affected | ||
| Red Hat OpenStack Platform 13 (Queens) | python-pecan | Out of support scope |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denia ...
7.5 High
CVSS3