CVE-2022-42966

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method
References
Link Resource
https://research.jfrog.com/vulnerabilities/cleo-redos-xray-257186/ Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:python-poetry:cleo:-:*:*:*:*:*:*:*

Information

Published : 2022-11-09 12:15

Updated : 2022-11-10 06:28


NVD link : CVE-2022-42966

Mitre link : CVE-2022-42966


JSON object : View

Advertisement

dedicated server usa

Products Affected

python-poetry

  • cleo