Published: 26/02/2019 Updated: 11/04/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

In the GNU C Library (aka glibc or libc6) up to and including 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu glibc

Impact: Low Public Date: 2019-02-26 CWE: CWE-674 Bugzilla: 1684374: CVE-2019-9192 glibc: uncontrolled r ...

imx yocto30

What is meta-timesys? This Yocto layer provides scripts for image manifest generation used for security monitoring and notification as part of the Timesys Vigiles product offering What is Vigiles? Vigiles is a vulnerability management tool that provides build-time Yocto CVE Analysis of target images It does this by collecting metadata about packages to be installed and upload

Vulnerability management tool that provides Yocto SBOM generation and CVE Analysis of target images.

What is meta-timesys? This Yocto layer provides scripts for image manifest generation used for security monitoring and notification as part of the Timesys Vigiles product offering What is Vigiles? Vigiles is a vulnerability management tool that provides build-time Yocto CVE Analysis of target images It does this by collecting metadata about packages to be installed and upload

CWE-674 https://sourceware.org/bugzilla/show_bug.cgi?id=24269 https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS https://nvd.nist.gov https://github.com/xlloss/meta-timesys https://access.redhat.com/security/cve/cve-2019-9192

CVE-2019-9192

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect