Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 07 May 2026 01:14:43 +0000 67e4e73d-85ad-4e6b-9b05-492f0aa12f45 https://vulnerability.circl.lu/sighting/67e4e73d-85ad-4e6b-9b05-492f0aa12f45/export {"uuid": "67e4e73d-85ad-4e6b-9b05-492f0aa12f45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32758", "type": "seen", "source": "https://t.me/cibsecurity/64078", "content": "\u203c CVE-2023-32758 \u203c\n\ngiturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep through 1.21.0, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T07:29:12.000000Z"} {"uuid": "67e4e73d-85ad-4e6b-9b05-492f0aa12f45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32758", "type": "seen", "source": "https://t.me/cibsecurity/64078", "content": "\u203c CVE-2023-32758 \u203c\n\ngiturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep through 1.21.0, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T07:29:12.000000Z"} https://vulnerability.circl.lu/sighting/67e4e73d-85ad-4e6b-9b05-492f0aa12f45/export Mon, 15 May 2023 07:29:12 +0000 a2f06e9b-1ed3-43e2-9c52-fd8d1394fa8c https://vulnerability.circl.lu/sighting/a2f06e9b-1ed3-43e2-9c52-fd8d1394fa8c/export {"uuid": "a2f06e9b-1ed3-43e2-9c52-fd8d1394fa8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32758", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2814", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32758\n\ud83d\udd39 Description: giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package.\n\ud83d\udccf Published: 2023-05-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T19:38:56.258Z\n\ud83d\udd17 References:\n1. https://github.com/coala/git-url-parse/blob/master/giturlparse/parser.py#L53\n2. https://pypi.org/project/git-url-parse\n3. https://github.com/returntocorp/semgrep/pull/7611\n4. https://github.com/returntocorp/semgrep/pull/7955\n5. https://github.com/returntocorp/semgrep/pull/7943", "creation_timestamp": "2025-01-23T20:03:34.000000Z"} {"uuid": "a2f06e9b-1ed3-43e2-9c52-fd8d1394fa8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32758", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2814", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32758\n\ud83d\udd39 Description: giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package.\n\ud83d\udccf Published: 2023-05-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T19:38:56.258Z\n\ud83d\udd17 References:\n1. https://github.com/coala/git-url-parse/blob/master/giturlparse/parser.py#L53\n2. https://pypi.org/project/git-url-parse\n3. https://github.com/returntocorp/semgrep/pull/7611\n4. https://github.com/returntocorp/semgrep/pull/7955\n5. https://github.com/returntocorp/semgrep/pull/7943", "creation_timestamp": "2025-01-23T20:03:34.000000Z"} https://vulnerability.circl.lu/sighting/a2f06e9b-1ed3-43e2-9c52-fd8d1394fa8c/export Thu, 23 Jan 2025 20:03:34 +0000