Rxspencer Project - Rxspencer CVE

Filtered by vendor Rxspencer Project Subscribe

Filtered by product Rxspencer

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-2305	3 Debian, Opensuse, Rxspencer Project	3 Debian Linux, Opensuse, Rxspencer	2018-10-30	6.8 MEDIUM	N/A
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

Vulnerabilities (CVE)