Total vulnerabilities in the database
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.
| Software | From | Fixed in |
|---|---|---|
| christos_zoulas / file | 5.00 | 5.00.x |
| christos_zoulas / file | 5.04 | 5.04.x |
| christos_zoulas / file | 5.10 | 5.10.x |
| christos_zoulas / file | 5.07 | 5.07.x |
| christos_zoulas / file | 5.02 | 5.02.x |
| christos_zoulas / file | 5.03 | 5.03.x |
| christos_zoulas / file | 5.11 | 5.11.x |
| christos_zoulas / file | 5.16 | 5.16.x |
| christos_zoulas / file | 5.12 | 5.12.x |
| christos_zoulas / file | 5.17 | 5.17.x |
| christos_zoulas / file | 5.05 | 5.05.x |
| christos_zoulas / file | 5.13 | 5.13.x |
| christos_zoulas / file | - | 5.18.x |
| christos_zoulas / file | 5.14 | 5.14.x |
| christos_zoulas / file | 5.01 | 5.01.x |
| christos_zoulas / file | 5.08 | 5.08.x |
| christos_zoulas / file | 5.06 | 5.06.x |
| christos_zoulas / file | 5.15 | 5.15.x |
| christos_zoulas / file | 5.09 | 5.09.x |
| php / php | 5.5.0 | 5.5.16 |
| php / php | 5.4.0 | 5.4.32 |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 7.0 | 7.0.x |