CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 2CVE-2019-9169 – glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read
https://notcve.org/view.php?id=CVE-2019-9169
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. En la biblioteca GNU C (también conocida como glibc o libc6), hasta la versión 2.29, proceed_next_node en posix/regexec.c tiene una sobrelectura de búfer basada en memoria dinámica (heap) mediante un intento de coincidencia de expresiones regulares que no distinguen entre mayúsculas y minúsculas. • http://www.securityfocus.com/bid/107160 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142 https://kc.mcafee.com/corporate/index?page=content&id=SB10278 https://security.gentoo.org/glsa/202006-04 https://security.netapp.com/advisory/ntap-20190315-0002 https://sourceware.org/bugzilla/show_bug.cgi?id=24114 https://sourceware.org/git/gitweb.cgi? • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 4CVE-2009-5155
https://notcve.org/view.php?id=CVE-2009-5155
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. En la biblioteca GNU C (también conocida como glibc o libc6), en versiones anteriores a la 2.28, parse_reg_exp en posix/regcomp.c analiza erróneamente las alternativas, lo que permite que los atacantes provoquen una denegación de servicio (fallo de aserción y salida de la aplicación) o desencadenen un resultado incorrecto intentando realizar una coincidencia de expresiones regulares. • http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.netapp.com& • CWE-19: Data Processing Errors •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 2CVE-2018-20796
https://notcve.org/view.php?id=CVE-2018-20796
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep. En la biblioteca GNU C (también conocida como glibc o libc6), hasta la versión 2.29, check_dst_limits_calc_pos_1 en posix/regexec.c tiene una recursión no controlada, tal y como queda demostrado con "(\227|)(\\1\\1|t1|\\\2537)+" en grep. • http://www.securityfocus.com/bid/107160 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html https://security.netapp.com/advisory/ntap-20190315-0002 https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS • CWE-674: Uncontrolled Recursion •
CVSS: 5.3EPSS: 0%CPEs: 57EXPL: 1CVE-2019-7317 – libpng: use-after-free in png_image_free in png.c
https://notcve.org/view.php?id=CVE-2019-7317
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. La función png_image_free en el archivo png.c en libpng versiones 1.6.x anteriores a 1.6.37, presenta un uso de la memoria previamente liberada porque la función png_image_free_function es llamada bajo png_safe_execute. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html http://www.securityfocus.com/bid/108098 https:/ • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2018-5737 – BIND 9.12's serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled.
https://notcve.org/view.php?id=CVE-2018-5737
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1. Un problema con la implementación de la nueva característica "serve-stale" en BIND 9.12 puede conducir a un fallo de aserción en rbtdb.c, incluso cuando stale-answer-enable está desactivado. • http://www.securityfocus.com/bid/104236 http://www.securitytracker.com/id/1040942 https://kb.isc.org/docs/aa-01606 https://security.netapp.com/advisory/ntap-20180926-0004 • CWE-617: Reachable Assertion •