CVE-2022-21681 – Exponential catastrophic backtracking (ReDoS) in marked
https://notcve.org/view.php?id=CVE-2022-21681
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. • https://github.com/markedjs/marked/commit/8f806573a3f6c6b7a39b8cdb66ab5ebb8d55a5f5 https://github.com/markedjs/marked/security/advisories/GHSA-5v2h-r2cx-5xgj https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AIXDMC3CSHYW3YWVSQOXAWLUYQHAO5UX https://access.redhat.com/security/cve/CVE-2022-21681 https://bugzilla.redhat.com/show_bug.cgi?id=2082706 • CWE-186: Overly Restrictive Regular Expression CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVE-2021-46022
https://notcve.org/view.php?id=CVE-2021-46022
A use-after-free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. • https://github.com/gnu-mirror-unofficial/recutils/commit/34b75ed7ad492c8e38b669ebafe0176f1f9992d2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDVOFC3HTBG7DF2PZTEXRMG4CV2F55UF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00007.html https://nvd.nist.gov/vuln/detail/CVE-2021-46022 • CWE-416: Use After Free •
CVE-2022-21680 – Cubic catastrophic backtracking (ReDoS) in marked
https://notcve.org/view.php?id=CVE-2022-21680
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. • https://github.com/markedjs/marked/commit/c4a3ccd344b6929afa8a1d50ac54a721e57012c0 https://github.com/markedjs/marked/releases/tag/v4.0.10 https://github.com/markedjs/marked/security/advisories/GHSA-rrrm-qjm4-v8hf https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AIXDMC3CSHYW3YWVSQOXAWLUYQHAO5UX https://access.redhat.com/security/cve/CVE-2022-21680 https://bugzilla.redhat.com/show_bug.cgi?id=2082705 • CWE-186: Overly Restrictive Regular Expression CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVE-2021-46019
https://notcve.org/view.php?id=CVE-2021-46019
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. • https://github.com/gnu-mirror-unofficial/recutils/commit/34b75ed7ad492c8e38b669ebafe0176f1f9992d2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDVOFC3HTBG7DF2PZTEXRMG4CV2F55UF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00009.html • CWE-476: NULL Pointer Dereference •
CVE-2022-21668 – Pipenv's requirements.txt parsing allows malicious index url in comments
https://notcve.org/view.php?id=CVE-2022-21668
pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file to download dependencies from a package index server controlled by the attacker. By embedding malicious code in packages served from their malicious index server, the attacker can trigger arbitrary remote code execution (RCE) on the victims' systems. If an attacker is able to hide a malicious `--index-url` option in a requirements file that a victim installs with pipenv, the attacker can embed arbitrary malicious code in packages served from their malicious index server that will be executed on the victim's host during installation (remote code execution/RCE). When pip installs from a source distribution, any code in the setup.py is executed by the install process. • https://github.com/sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability https://github.com/pypa/pipenv/commit/439782a8ae36c4762c88e43d5f0d8e563371b46f https://github.com/pypa/pipenv/releases/tag/v2022.1.8 https://github.com/pypa/pipenv/security/advisories/GHSA-qc9x-gjcv-465w https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56HBA3EOSLEDNCCBJVHE6DO34P56EOUM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KCROBYHUS6DKQPCXBRPCZ5CDBNQTYAWT https:// • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-190: Integer Overflow or Wraparound CWE-427: Uncontrolled Search Path Element CWE-791: Incomplete Filtering of Special Elements CWE-1284: Improper Validation of Specified Quantity in Input •