CVE - Search Results

TOTAL CVE Records: 275992

NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway.

NOTICE: Support for the legacy CVE download formats ended on June 30, 2024.
New CVE List download format is available now on CVE.ORG.

Search Results

There are 1 CVE Records that match your search.

Name	Description
CVE-2023-26112	All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.)\). Note:* This is only exploitable in the case of a developer, putting the offending value in a server side configuration file.


	Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps. For More Information: CVE Request Web Form (select “Other” from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.