Логотип exploitDog
bind:CVE-2025-54363
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2025-54363

Количество 4

Количество 4

ubuntu логотип

CVE-2025-54363

9 дней назад

Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module (issue 1 of 2).

EPSS: Низкий
nvd логотип

CVE-2025-54363

9 дней назад

Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module. extract_full_summary_from_signature employs an inefficient regular expression pattern: "\s(:param)\s+(.+?)\s:(.*)" that is susceptible to catastrophic backtracking when processing crafted docstrings containing a large volume of whitespace without a terminating colon. An attacker who can control or inject docstring content into affected applications can trigger excessive CPU consumption. This software is used by Azure CLI.

EPSS: Низкий
debian логотип

CVE-2025-54363

9 дней назад

Microsoft Knack 0.12.0 allows Regular expression Denial of Service (Re ...

EPSS: Низкий
github логотип

GHSA-6fxp-p9mg-q64w

9 дней назад

Microsoft Knack ReDoS Vulnerability in the Introspection Module

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2025-54363

Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module (issue 1 of 2).

0%
Низкий
9 дней назад
nvd логотип
CVE-2025-54363

Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module. extract_full_summary_from_signature employs an inefficient regular expression pattern: "\s(:param)\s+(.+?)\s:(.*)" that is susceptible to catastrophic backtracking when processing crafted docstrings containing a large volume of whitespace without a terminating colon. An attacker who can control or inject docstring content into affected applications can trigger excessive CPU consumption. This software is used by Azure CLI.

0%
Низкий
9 дней назад
debian логотип
CVE-2025-54363

Microsoft Knack 0.12.0 allows Regular expression Denial of Service (Re ...

0%
Низкий
9 дней назад
github логотип
GHSA-6fxp-p9mg-q64w

Microsoft Knack ReDoS Vulnerability in the Introspection Module

0%
Низкий
9 дней назад

Уязвимостей на страницу