{"data":{"id":"062010b5-0d2d-47de-bef4-dcb760a47c7d","title":"GHSA-rq2q-4r55-9877: Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check","summary":"The RegexMatching check in giskard-checks has a ReDoS vulnerability (regular expression denial of service, where a specially crafted regex pattern causes the regex engine to hang by backtracking excessively through text). An attacker with write access to check definitions can craft malicious regex patterns that make the testing process hang indefinitely, disrupting automated testing environments like CI/CD pipelines (continuous integration/continuous deployment automation).","solution":"Upgrade to giskard-checks >= 1.0.2b1.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-rq2q-4r55-9877","publishedAt":"2026-04-14T23:13:39.000Z","cveId":"CVE-2026-40319","cweIds":null,"cvssScore":null,"cvssSeverity":"low","severity":"low","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":["giskard-checks@<= 1.0.1b1 (fixed: 1.0.2b1)"],"affectedVendors":[],"affectedVendorsRaw":["Giskard"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-04-14T23:13:39.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}