3 matches found
GHSA-3633-G6MG-P6QQ SurrealDB memory exhaustion via string::replace using regex
An authenticated user can craft a query using the string::replace function that uses a Regex to perform a string replacement. As there is a failure to restrict the resulting string length, this enables an attacker to send a string::replace function to the SurrealDB server exhausting all the memor...
CVE-2017-9729
In uClibc 0.9.33.2, there is stack exhaustion uncontrolled recursion in the checkdstlimitscalcpos1 function in misc/regex/regexec.c when processing a crafted regular expression...
PCRE 'compile_regex()' function heap buffer overflow vulnerability
PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A heap buffer overflow vulnerability exists in the PCRE 'compileregex' function. This vulnerability could be exploited by an attacker to...