漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
PowSyBl Core contains Polynomial REDoS’es
Vulnerability Description
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause significant CPU consumption due to regex backtracking — even with polynomial patterns. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2.
CVSS Information
N/A
Vulnerability Type
CWE-1333
Vulnerability Title
PowSyBl 安全漏洞
Vulnerability Description
PowSyBl是PowSyBl公司的一个专门用于电力系统的建模和仿真的开源框架。 PowSyBl 6.7.2之前版本存在安全漏洞,该漏洞源于DataSource机制存在正则表达式拒绝服务漏洞,可能导致CPU消耗过高。
CVSS Information
N/A
Vulnerability Type
N/A