CVE-2020-11958

Published: 21 April 2020

re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme.

Notes

Author: leosilva
Note: introduced by 1.2 by https://github.com/skvadrik/re2c/commit/1edd26a35457c5835afd58b8fa8330d33e7a1192

Priority

Medium

CVSS 3 base score: 7.8

Status

Package: re2c (Launchpad, Ubuntu, Debian)

Release     Status
bionic      Not vulnerable
eoan        Released (1.2.1-1ubuntu0.1)
focal       Released (1.3-1ubuntu0.1)
precise     Not vulnerable
trusty      Not vulnerable
upstream    Needs triage
xenial      Not vulnerable

Patches:
upstream: https://github.com/skvadrik/re2c/commit/1edd26a35457c5835afd58b8fa8330d33e7a1192