You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
Vulnerable Library - grepgrep-2.21
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grep?wsslib=grep
Found in HEAD commit: c44e79751a9606bd11bd1704dee2684af7e4570b
Vulnerable Source Files (1)
/vendor/grep-2.21/src/kwset.c
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2015-1345
Vulnerable Library - grepgrep-2.21
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grep?wsslib=grep
Found in HEAD commit: c44e79751a9606bd11bd1704dee2684af7e4570b
Found in base branch: main
Vulnerable Source Files (1)
/vendor/grep-2.21/src/kwset.c
Vulnerability Details
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
Publish Date: 2015-02-12
URL: CVE-2015-1345
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.0%
CVSS 3 Score Details (4.0)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-1345
Release Date: 2015-02-12
Fix Resolution: 2.22
The text was updated successfully, but these errors were encountered: