Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:configobj_project:configobj:5.0.7:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-26112 |
All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\). **Note:** This is only exploitable in the case of a developer, putting the offending value in a server side configuration file. Published: April 03, 2023; 1:15:07 AM -0400 |
V4.0:(not available) V3.1: 5.9 MEDIUM V2.0:(not available) |