{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T04:44:19.903","vulnerabilities":[{"cve":{"id":"CVE-2022-31100","sourceIdentifier":"security-advisories@github.com","published":"2022-06-27T22:15:09.240","lastModified":"2024-11-21T07:03:53.663","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, rulex may crash, possibly enabling a Denial of Service attack. This happens when the expression contains a multi-byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result. This is a security concern for you, if your service parses untrusted rulex expressions (expressions provided by an untrusted user), and your service becomes unavailable when the thread running rulex panics. The crashes are fixed in version **0.4.3**. Affected users are advised to update to this version. The only known workaround for this issue is to assume that regular expression parsing will panic and to add logic to catch panics."},{"lang":"es","value":"rulex es un nuevo lenguaje de expresión regular portátil. Cuando son analizadas expresiones de rulex que no son confiables, rulex puede bloquearse, permitiendo posiblemente un ataque de Denegación de Servicio. Esto ocurre cuando la expresión contiene un punto de código UTF-8 multibyte en una cadena literal o después de una barra invertida, porque rulex intenta cortar el punto de código y entra en pánico como resultado. Esto es un problema de seguridad para usted, si su servicio analiza expresiones de rulex que no son confiables (expresiones proporcionadas por un usuario que no es confiable), y su servicio deja de estar disponible cuando el hilo que ejecuta rulex entra en pánico. Los bloqueos han sido corregidos en versión **0.4.3**. Es recomendado a usuarios afectados actualizar a esta versión. La única mitigación conocida para este problema es asumir que el análisis de expresiones regulares entrará en pánico y añadir lógica para detectar los pánicos"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pomsky-lang:pomsky:*:*:*:*:*:rust:*:*","versionEndExcluding":"0.4.3","matchCriteriaId":"BD1AEB74-00F4-4E35-839A-98858DF404B2"}]}]}],"references":[{"url":"https://github.com/rulex-rs/rulex/commit/fac6d58b25c6f9f8c0a6cdc4dec75b37b219f1d6","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/rulex-rs/rulex/security/advisories/GHSA-8v9w-p43c-r885","source":"security-advisories@github.com","tags":["Mitigation","Third Party Advisory"]},{"url":"https://github.com/rulex-rs/rulex/commit/fac6d58b25c6f9f8c0a6cdc4dec75b37b219f1d6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/rulex-rs/rulex/security/advisories/GHSA-8v9w-p43c-r885","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory"]}]}}]}