3 matches found
CVE-2019-9169
CVE-2019-9169 affects GNU C Library (glibc) up to 2.29, where proceed_next_node in posix/regexec.c permits a heap-based buffer over-read during a case-insensitive regular-expression match. Impact: potential information disclosure via crafted input; CVSS/assessment in references indicates high/cri...
CVE-2009-5155
CVE-2009-5155 affects the GNU C Library (glibc) prior to 2.28. The vulnerability is in parse_reg_exp (posix/regcomp.c) where misparsing alternatives can cause a denial of service (assertion failure and process exit) or yield an incorrect match result. Affected products include glibc in systems us...
CVE-2018-20796
CVE-2018-20796 (glibc) : Affected: GNU C Library (glibc) up to 2.29. Root cause: check_dst_limits_calc_pos_1 in posix/regexec.c experiences Uncontrolled Recursion. Evidence from IBM/NVD entry confirms the CWE-674 Uncontrolled Recursion and the vulnerable component/file. Impact details are stated ...