CVE-2024-41655
CVE-2024-41655
Título es
CVE-2024-41655
Mar, 23/07/2024 – 15:15
Tipo
CWE-1333
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-41655
Descripción en
TF2 Item Format helps users format TF2 items to the community standards. Versions of `tf2-item-format` since at least `4.2.6` and prior to `5.9.14` are vulnerable to a Regular Expression Denial of Service (ReDoS) attack when parsing crafted user input. This vulnerability can be exploited by an attacker to perform DoS attacks on any service that uses any `tf2-item-format` to parse user input. Version `5.9.14` contains a fix for the issue.
23/07/2024
23/07/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Gravedad 3.1 (CVSS 3.1 Base Score)
7.50
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH
Referencias
Enviar en el boletín
Off
