vulnerability
FreeBSD: VID-83b29e3f-886f-439f-b9a8-72e014479ff9 (CVE-2022-39280): py-dparse -- REDoS vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Aug 31, 2023 | Sep 1, 2023 | Mar 25, 2026 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Aug 31, 2023
Added
Sep 1, 2023
Modified
Mar 25, 2026
Description
yeisonvargasf reports: dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contain a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. Users unable to upgrade should avoid passing index server URLs in the source file to be parsed.
Solutions
freebsd-upgrade-package-py37-dparsefreebsd-upgrade-package-py38-dparsefreebsd-upgrade-package-py39-dparsefreebsd-upgrade-package-py310-dparsefreebsd-upgrade-package-py311-dparse
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.