exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2024-43380

больше 1 года назад

fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-43380

больше 1 года назад

fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.

CVSS3: 3.3

EPSS: Низкий

CVE-2024-43380

больше 1 года назад

fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-43380

больше 1 года назад

fugit contains time tools for flor and the floraison group. The fugit ...

CVSS3: 5.3

EPSS: Низкий

GHSA-2m96-52r3-2f3g

больше 1 года назад

fugit parse and parse_nat stall on lengthy input

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-43380 fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.	CVSS3: 5.3	0% Низкий	больше 1 года назад
CVE-2024-43380 fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.	CVSS3: 3.3	0% Низкий	больше 1 года назад
CVE-2024-43380 fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.	CVSS3: 5.3	0% Низкий	больше 1 года назад
CVE-2024-43380 fugit contains time tools for flor and the floraison group. The fugit ...	CVSS3: 5.3	0% Низкий	больше 1 года назад
GHSA-2m96-52r3-2f3g fugit parse and parse_nat stall on lengthy input	CVSS3: 5.3	0% Низкий	больше 1 года назад

Уязвимостей на страницу