AZL-6424 CVE-2019-6293 affecting package flex for versions less than 2.6.4-7
An issue was discovered in the function markbeginningasnormal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the markbeginningasnormal function making recursive calls to itself in certain scenarios involving lots of '' characters. Remote attackers could leverage this...