Описание
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 2024.10.29+dfsg1-5 |
| esm-apps/jammy | needed | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needed | |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
| mantic | ignored | end of life, was needs-triage |
| noble | DNE |
Показывать по
10
EPSS
Процентиль: 44%
0.00213
Низкий
5.9 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.9
nvd
около 3 лет назад
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method
CVSS3: 5.9
debian
около 3 лет назад
An exponential ReDoS (Regular Expression Denial of Service) can be tri ...
CVSS3: 5.9
github
около 3 лет назад
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
EPSS
Процентиль: 44%
0.00213
Низкий
5.9 Medium
CVSS3