CVE-2023-7279

CVSS v3 Score: 5.9 (Medium)
CVSS v2 Score: 1.4 (Low)

Vulnerability Description

A vulnerability classified as problematic has been found in Secure Systems Engineering Connaisseur up to 3.3.0. It affects unknown code in the file connaisseur/res/targets_schema.json of the Delegation Name Handler component. Manipulation leads to inefficient regular expression complexity. The attack complexity is rather high, and exploitation appears to be difficult. Upgrading to version 3.3.1 addresses this issue. The patch is identified as 524b73ff7306707f6d3a4d1e86401479bca91b02. Upgrading the affected component is recommended.

CVSS: 5.9 (Medium)

Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10.

CVSS: 5.9 (Medium)

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression...

CVSS: 5.9 (Medium)

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\). **Note:** This is only exploitable in the case of a...

CVSS: 5.9 (Medium)

Regular expression denial of service in Pydantic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

CVSS: 6.0 (Medium)

Uptime Kuma >= 1.23.0 has a ReDoS vulnerability, specifically when an administrator creates a notification through the web service. If a string is provided it triggers catastrophic backtracking in th...

CVSS: 5.7 (Medium)

Discourse is an open source discussion platform. In affected versions a malicious user can cause a regular expression denial of service using a carefully crafted git URL. This issue is patched in the ...