7.5CVSS
7.5AI Score
0.002EPSS
lib/DatabaseLayer.py in cve-search before 4.1.0 allows regular expression injection, which can lead to ReDoS (regular expression denial of service) or other impacts.
7.5CVSS
7.4AI Score
0.002EPSS
workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb).
6.5CVSS
6.3AI Score
0.001EPSS