In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
References
Configurations
History
07 Nov 2023, 02:04
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-02-26 02:29
Updated : 2024-02-28 16:48
NVD link : CVE-2009-5155
Mitre link : CVE-2009-5155
CVE.ORG link : CVE-2009-5155
JSON object : View
Products Affected
netapp
- steelstore_cloud_integrated_storage
- cloud_backup
- ontap_select_deploy_administration_utility
gnu
- glibc
CWE
CWE-19
Data Processing Errors