lib/DatabaseLayer.py in cve-search before 4.1.0 allows regular expression injection, which can lead to ReDoS (regular expression denial of service) or other impacts.
References
Link | Resource |
---|---|
https://github.com/cve-search/cve-search/commit/c621f9f0693a728b93ff3b964f948a1d25917207 | Patch Third Party Advisory |
https://github.com/cve-search/cve-search/compare/v4.0...v4.1.0 | Third Party Advisory |
https://github.com/cve-search/cve-search/pull/629 | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-23T20:32:50
Updated: 2021-12-23T20:32:50
Reserved: 2021-12-23T00:00:00
Link: CVE-2021-45470
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-23T21:15:09.030
Modified: 2023-08-08T14:22:24.967
Link: CVE-2021-45470
JSON object: View
Redhat Information
No data.
CWE