Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PowSyBl Core contains Polynomial REDoS’es
Vulnerability Description
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause significant CPU consumption due to regex backtracking — even with polynomial patterns. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2.
CVSS Information
N/A
Vulnerability Type
CWE-1333
Vulnerability Title
PowSyBl 安全漏洞
Vulnerability Description
PowSyBl是PowSyBl公司的一个专门用于电力系统的建模和仿真的开源框架。 PowSyBl 6.7.2之前版本存在安全漏洞,该漏洞源于DataSource机制存在正则表达式拒绝服务漏洞,可能导致CPU消耗过高。
CVSS Information
N/A
Vulnerability Type
N/A