Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
shell-quote parse() is quadratic in token count, enabling denial of service
Mistune: Potential DoS via quadratic-time parsing in parse_link_text
Plug: quadratic-time decoding of nested query/body parameters enables denial of service
MessagePack-CSharp: Denial of service vulnerabilities can swamp the CPU or crash the process with stack and heap overflows
MessagePack-CSharp: ExpandoObject formatter can perform quadratic insertion work on untrusted maps
MessagePack-CSharp: InterfaceLookupFormatter bypasses collision-resistant comparer settings
pypdf: Inefficient decoding of FlateDecode PNG predictor streams
Python-Multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service
js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases
CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals
ImageMagick: Policy Bypass in MNG coder could
Spring Framework Algorithmic Denial of Service via SpEL Expressions
bytedance InfiniStore KV Map infinistore.h purge_kv_map algorithmic complexity
Potential DoS via quadratic complexity in unicodedata.normalize()
Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters
Botan: Quadratic complexity decoding BER indefinite length encodings
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward
Unbounded name compression in certain cases causes degradation of service
Degradation of service with unbounded NSEC3 hash calculations
Long list of incoming EDNS options degrades performance
Showing 1 - 20 of 1,000+ results