CVE-2022-42966

Опубликовано: 09 нояб. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 5.9

Описание

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method

Релиз	Статус	Примечание
bionic	DNE
devel	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-infra/focal	DNE
focal	DNE
jammy	needs-triage
kinetic	ignored	end of life, was needs-triage
lunar	ignored	end of life, was needs-triage
mantic	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 32%

0.00124

Низкий

5.9 Medium

CVSS3

Связанные уязвимости

CVE-2022-42966

CVSS3: 5.9

nvd

около 3 лет назад

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method

CVE-2022-42966

CVSS3: 5.9

debian

около 3 лет назад

An exponential ReDoS (Regular Expression Denial of Service) can be tri ...

GHSA-2p9h-ccw7-33gf

CVSS3: 5.9

github

около 3 лет назад

cleo is vulnerable to Regular Expression Denial of Service (ReDoS)

EPSS

Процентиль: 32%

0.00124

Низкий

5.9 Medium

CVSS3

CVE-2022-42966

Описание

Пакет python-cleo

Ссылки на источники

Связанные уязвимости