In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
References
Configurations
History
07 Nov 2023, 02:04
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
29 Jun 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Jun 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://sourceware.org/bugzilla/show_bug.cgi?id=11053 - Issue Tracking, Exploit, Third Party Advisory |
Information
Published : 2019-02-26 02:29
Updated : 2023-12-10 12:44
NVD link : CVE-2009-5155
Mitre link : CVE-2009-5155
CVE.ORG link : CVE-2009-5155
JSON object : View
Products Affected
netapp
- ontap_select_deploy_administration_utility
- steelstore_cloud_integrated_storage
- cloud_backup
gnu
- glibc
CWE
CWE-19
Data Processing Errors