Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Regular Expression Denial of Service in flask-restx
Vulnerability Description
Flask-RESTX (pypi package flask-restx) is a community driven fork of Flask-RESTPlus. Flask-RESTX before version 0.5.1 is vulnerable to ReDoS (Regular Expression Denial of Service) in email_regex. This is fixed in version 0.5.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
flask-restx 资源管理错误漏洞
Vulnerability Description
flask-restx是一个应用软件。叉Flask-RESTPlus:功能齐全的框架,用于快速、简单和记录API开发瓶 Flask-RESTX 0.5.1 版之前存在资源管理错误漏洞,该漏洞允许攻击者进行ReDoS(正则表达式拒绝服务)的攻击。
CVSS Information
N/A
Vulnerability Type
N/A