Описание
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
Ссылки
- Mailing ListPatchVendor Advisory
- Mailing ListVendor Advisory
- ExploitMailing ListVendor Advisory
- ExploitMailing ListVendor Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Mailing ListPatchVendor Advisory
- Mailing ListVendor Advisory
- ExploitMailing ListVendor Advisory
- ExploitMailing ListVendor Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp i ...
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
Уязвимость функции parse_reg_exp библиотеки glibc, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3
5 Medium
CVSS2