Unrated severityOSV Advisory· Published Jan 15, 2019· Updated Sep 16, 2024
CVE-2019-6293
CVE-2019-6293
Description
An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10flex-2-5-10, flex-2-5-5b, flex-2-5-5c, …+ 1 more
- (no CPE)range: flex-2-5-10, flex-2-5-5b, flex-2-5-5c, …
- (no CPE)range: =2.6.4
- osv-coords8 versionspkg:apk/chainguard/flexpkg:apk/chainguard/flex-devpkg:apk/chainguard/flex-docpkg:apk/chainguard/libfl2pkg:apk/wolfi/flexpkg:apk/wolfi/flex-devpkg:apk/wolfi/flex-docpkg:apk/wolfi/libfl2
< 0+ 7 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
Patches
Vulnerability mechanics
References
1- github.com/westes/flex/issues/414mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.