Описание
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
A flaw was found in ssh2. This vulnerability, categorized as CWE-1333 (Inefficient Regular Expression Complexity), allows a remote attacker to cause a Denial of Service (DoS) by sending specially crafted input that triggers inefficient processing of regular expressions. This can lead to the affected component becoming unresponsive.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Build of Podman Desktop - Tech Preview | rhdesktop/rh-podman-desktop-ext-bootc-rhel10 | Fix deferred | ||
| Red Hat Build of Podman Desktop - Tech Preview | rhdesktop/rh-podman-desktop-ext-rhel-rhel10 | Fix deferred | ||
| Red Hat Developer Hub | rhdh/rhdh-hub-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9 | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-1333
https://bugzilla.redhat.com/show_bug.cgi?id=2445801ssh2: ssh2: Denial of Service due to inefficient regular expression complexity
6.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
25 дней назад
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
github
25 дней назад
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
6.5 Medium
CVSS3