6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.014 Low
EPSS
Percentile
86.6%
Algorithmic complexity vulnerability in the regular expression parser in
TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before
8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote
authenticated users to cause a denial of service (memory consumption) via a
crafted “complex” regular expression with doubly-nested states.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | postgresql-8.1 | < 8.1.11-0ubuntu0.6.06.1 | UNKNOWN |
ubuntu | 6.10 | noarch | postgresql-8.1 | < 8.1.11-0ubuntu0.6.10.1 | UNKNOWN |
ubuntu | 7.04 | noarch | postgresql-8.2 | < 8.2.6-0ubuntu0.7.04.1 | UNKNOWN |
ubuntu | 7.10 | noarch | postgresql-8.2 | < 8.2.6-0ubuntu0.7.10.1 | UNKNOWN |
ubuntu | 8.04 | noarch | postgresql-8.2 | < 8.2.6-1 | UNKNOWN |