mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
826 B
826 B
CVE-2023-26112
&color=brighgreen)
Description
All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)(.*).
Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file.
POC
Reference
Github
No PoCs found on GitHub currently.