exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2025-68480

около 2 месяцев назад

Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2.

CVSS3: 5.3

EPSS: Низкий

CVE-2025-68480

около 2 месяцев назад

Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2.

CVSS3: 5.3

EPSS: Низкий

CVE-2025-68480

около 2 месяцев назад

Marshmallow is a lightweight library for converting complex objects to ...

CVSS3: 5.3

EPSS: Низкий

openSUSE-SU-2026:20087-1

17 дней назад

Security update for python-marshmallow

EPSS: Низкий

SUSE-SU-2026:0226-1

18 дней назад

Security update for python-marshmallow

EPSS: Низкий

GHSA-428g-f7cq-pgp5

около 2 месяцев назад

Marshmallow has DoS in Schema.load(many)

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-68480 Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2.	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
CVE-2025-68480 Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2.	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
CVE-2025-68480 Marshmallow is a lightweight library for converting complex objects to ...	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
openSUSE-SU-2026:20087-1 Security update for python-marshmallow		0% Низкий	17 дней назад
SUSE-SU-2026:0226-1 Security update for python-marshmallow		0% Низкий	18 дней назад
GHSA-428g-f7cq-pgp5 Marshmallow has DoS in Schema.load(many)	CVSS3: 5.3	0% Низкий	около 2 месяцев назад

Уязвимостей на страницу