CVE-2015-2305

Source
https://nvd.nist.gov/vuln/detail/CVE-2015-2305
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-2305.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2015-2305
Related
Published
2015-03-30T10:59:11Z
Modified
2024-09-11T03:25:05.973518Z
Summary
[none]
Details

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

References

Affected packages

Debian:11 / clamav

Package

Name
clamav
Purl
pkg:deb/debian/clamav?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.98.7+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / clamav

Package

Name
clamav
Purl
pkg:deb/debian/clamav?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.98.7+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / clamav

Package

Name
clamav
Purl
pkg:deb/debian/clamav?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.98.7+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / librcsb-core-wrapper

Package

Name
librcsb-core-wrapper
Purl
pkg:deb/debian/librcsb-core-wrapper?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.005-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / librcsb-core-wrapper

Package

Name
librcsb-core-wrapper
Purl
pkg:deb/debian/librcsb-core-wrapper?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.005-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / librcsb-core-wrapper

Package

Name
librcsb-core-wrapper
Purl
pkg:deb/debian/librcsb-core-wrapper?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.005-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / newlib

Package

Name
newlib
Purl
pkg:deb/debian/newlib?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / newlib

Package

Name
newlib
Purl
pkg:deb/debian/newlib?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / newlib

Package

Name
newlib
Purl
pkg:deb/debian/newlib?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / nvi

Package

Name
nvi
Purl
pkg:deb/debian/nvi?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.81.6-13

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / nvi

Package

Name
nvi
Purl
pkg:deb/debian/nvi?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.81.6-13

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / nvi

Package

Name
nvi
Purl
pkg:deb/debian/nvi?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.81.6-13

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / radare2

Package

Name
radare2
Purl
pkg:deb/debian/radare2?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.10.5+dfsg-1

Affected versions

0.*

0.6-1
0.7-1
0.7-2
0.7-3
0.8.1-1
0.8.8-1
0.8.8-2
0.9-1
0.9-2
0.9-3
0.9.4-1
0.9.4-2
0.9.6-1
0.9.6-2
0.9.6-3
0.9.6-3.1

Ecosystem specific

{
    "urgency": "low"
}

Debian:11 / vigor

Package

Name
vigor
Purl
pkg:deb/debian/vigor?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.016-24

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / vigor

Package

Name
vigor
Purl
pkg:deb/debian/vigor?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.016-24

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / vigor

Package

Name
vigor
Purl
pkg:deb/debian/vigor?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.016-24

Ecosystem specific

{
    "urgency": "unimportant"
}