63 matches found
Regular Expression Denial Of Service (ReDoS)
h2o is vulnerable to regular expression denial of service. The use of inefficient regular expression allows an attacker to provide a malicious input string, causing extreme use of regex engine and crashing the application...
Regular Expression Denial Of Service (ReDoS)
pillow is vulnerable to regular expression denial of service. The getrgb function accepts user-provided very long color specifier, exhausting regex engine due to excessive CPU consumption and resulting in a Denial of Service...
perl: heap-based buffer overflow in regular expression compiler leads to DoS
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...
perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...
Cisco IOS Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)
According to its self-reported version, Cisco IOS Software is affected by a denial of service DoS vulnerability as the Split DNS feature's regular expression regex engine may time out when processing the DNS name list configuration. An unauthenticated, remote attacker could cause an affected devi...
DEBIAN-CVE-2018-20796
In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '\227|\1\1|t1|\\2537+' in grep...
perl: heap read overflow in regexec.c
A heap buffer over read flaw was found in the way Perl regular expression engine handled inputs with invalid UTF-8 characters. An attacker able to provide a specially crafted input to be matched against a regular expression could cause Perl interpreter to crash or disclose portion of its memory...
ALPINE-CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
DEBIAN-CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
DEBIAN-CVE-2017-9728
In uClibc 0.9.33.2, there is an out-of-bounds read in the getsubexp function in misc/regex/regexec.c when processing a crafted regular expression...
DEBIAN-CVE-2017-6004
The compilebracketmatchingpath function in pcrejitcompile.c in PCRE through 8.x before revision 1680 e.g., the PHP 7.1.1 bundled version allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted regular expression...
pcre: heap buffer over-read in pcre_compile2() (8.37/23)
The pcrecompile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service out-of-bounds read via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by...
pcre: heap buffer overflow in handling of duplicate named groups (8.39/14)
The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...
pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)
The compilebranch function in pcrecompile.c in PCRE 8.x before 8.39 and pcre2compile.c in PCRE2 before 10.22 mishandles patterns containing an ACCEPT substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based...
Updated perl packages fix security vulnerability
The regex engine got into an infinite loop because of the malformation. It is trying to back-up over a sequence of UTF-8 continuation bytes. The character just before the sequence should be a start byte. If it's not, there is a malformation which results in "hang" of regexp matching and CPU...
MGASA-2016-0191 Updated perl packages fix security vulnerability
The regex engine got into an infinite loop because of the malformation. It is trying to back-up over a sequence of UTF-8 continuation bytes. The character just before the sequence should be a start byte. If it's not, there is a malformation which results in "hang" of regexp matching and CPU...
Apple Mac OSX Regex Engine (TRE) - Integer Signedness Overflow
Apple Mac OSX Regex Engine TRE - Integer Signedness Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=429 The OS X regex engine function tretnfarunparallel contains the following code: int tbytes; ... if !matchtags numtags = 0; else numtags = tnfa-numtags; ... i...
OS X Regex Engine (TRE) - Stack Buffer Overflow Vulnerability
Exploit for macOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=428 OS X Libc uses the slightly obscure TRE regex engine http://laurikari.net/tre/ If used in enhanced mode by passing the REGENHANCED flag to regcomp TRE supports...
Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow (PoC)
Apple Mac OSX Regex Engine TRE - Stack Buffer Overflow PoC Source: https://code.google.com/p/google-security-research/issues/detail?id=428 OS X Libc uses the slightly obscure TRE regex engine http://laurikari.net/tre/ If used in enhanced mode by passing the REGENHANCED flag to regcomp TRE support...
OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues Vulnerability
Exploit for macOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=429 The OS X regex engine function tretnfarunparallel contains the following code: int tbytes; ... if !matchtags numtags = 0; else numtags = tnfa-numtags; ... int rbytes,...