8 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-11419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function via a RegExp\u0 payload, related to...
Linux Distros Unpatched Vulnerability : CVE-2018-11418
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromutf8 function via a RegExp\u0020 payload, related t...
golang: regexp/syntax: limit memory used by parsing regexps
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...
golang: regexp/syntax: limit memory used by parsing regexps
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...
golang: regexp/syntax: limit memory used by parsing regexps
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...
Important: golist
Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...
Mozilla Foundation Security Advisory 2009-43
Mozilla Foundation Security Advisory 2009-43 Title: Heap overflow in certificate regexp parsing Impact: Critical Announced: August 1, 2009 Reporter: Moxie Marlinspike Products: Firefox, Thunderbird, SeaMonkey, NSS Fixed in: Firefox 3.5 NSS 3.12.3 Description Moxie Marlinspike reported a heap...
Heap overflow in certificate regexp parsing — Mozilla
Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client. This code provided compatibili...