Security Advisory

CVE-2023-26112

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-03 05:00:01

Last updated 2025-02-13 19:35:38

Assigner snyk

State PUBLISHED

Description

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)((.*)). **Note:** This is only exploitable in the case of a developer, putting the offending value in a server side configuration file.

← Browse all CVEs View on cve.org ↗