Denys Vozniuk

**Name of the Vulnerable Software and Affected Versions** Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, versions through R6.4.0.HF1 (R6.4.0.136) **Description** A vulnerability in the Mitel SIP Phones could allow an unauthenticated attacker with physical access to the phone to conduct an argument injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the system. **Recommendations** For versions through R6.4.0.HF1 (R6.4.0.136), consider restricting physical access to the phones to minimize the risk of exploitation. As a temporary workaround, consider disabling any functionality that may be related to the argument injection vulnerability until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Caret (affected versions not specified) **Description** The issue is related to an XSS attack that occurs when a user opens a crafted Markdown file with preview mode enabled, leading to client-side code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pymatgen (affected versions not specified) **Description** An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package when an attacker is able to supply arbitrary input to the `GaussianInput.from string` method. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** snowflake-connector-python (affected versions not specified) **Description** An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package when an attacker is able to supply arbitrary input to the `get file transfer type` method. This issue allows an attacker to cause a denial of service by exploiting the regular expression used in this method. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** cleo (affected versions not specified) **Description** An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package when an attacker is able to supply arbitrary input to the `Table.set rows` method. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** uri-template-lite npm package (affected versions not specified) **Description** An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the uri-template-lite npm package when an attacker is able to supply arbitrary input to the `URI.expand` method. This issue allows an attacker to cause a denial of service by exploiting the regular expression engine. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the input to the `URI.expand` method to prevent arbitrary input from being processed.

**Name of the Vulnerable Software and Affected Versions** eth-account (affected versions not specified) **Description** The issue is related to an exponential ReDoS (Regular Expression Denial of Service) that can be triggered in the eth-account PyPI package. This occurs when an attacker is able to supply arbitrary input to the `encode structured data` method, potentially allowing a remote attacker to cause a denial of service. The vulnerability is associated with incorrect input data used as a condition for executing a cycle. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** devcert (affected versions not specified) **Description** The issue is related to an exponential ReDoS (Regular Expression Denial of Service) that can be triggered when an attacker supplies arbitrary input to the `certificateFor` method. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** markdown-link-extractor npm package (affected versions not specified) **Description** The issue is related to an exponential ReDoS (Regular Expression Denial of Service) that can be triggered when an attacker supplies arbitrary input to the module's exported function. This allows for a potential denial-of-service attack. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** jquery-validation npm package (affected versions not specified) **Description** An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package when an attacker is able to supply arbitrary input to the `url2` method. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** semver-regex (affected versions not specified) **Description** An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package when an attacker supplies arbitrary input to the `test()` method. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CivetWeb (affected versions not specified) **Description** The issue concerns the CivetWeb web library, which does not validate uploaded filepaths when running on an operating system other than Windows. This occurs when using the built-in HTTP form-based file upload mechanism via the `mg handle form request` API. Web applications that use the file upload form handler and include parts of the user-controlled filename in the output path are susceptible to directory traversal. An attacker could exploit this vulnerability by sending a specially crafted HTTP request, potentially allowing remote code execution. **Recommendations** As a temporary workaround, consider disabling the `mg handle form request` API function until a patch is available. Restrict access to the file upload form handler to minimize the risk of exploitation. Avoid using parts of the user-controlled filename in the output path. At the moment, there is no information about a newer version that contains a fix for this vulnerability.