An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.
References
Link | Resource |
---|---|
https://github.com/westes/flex/issues/414 | Exploit Third Party Advisory |
Configurations
History
06 Oct 2023, 17:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:westes:flex:2.6.4:*:*:*:*:*:*:* | |
First Time |
Westes
Westes flex |
Information
Published : 2019-01-15 00:29
Updated : 2024-02-28 16:48
NVD link : CVE-2019-6293
Mitre link : CVE-2019-6293
CVE.ORG link : CVE-2019-6293
JSON object : View
Products Affected
westes
- flex
CWE
CWE-674
Uncontrolled Recursion