endpointlabs / VulnerableDotNetCore3Project

.Net Core 3.0
0 stars 0 forks source link

CVE-2018-20796 | libc-bin (CWE-674) #19

Open mgulter opened 2 years ago

mgulter commented 2 years ago

A low severity vulnerability has been discovered in your project.

Project Name: IssueTest

Scanner Name: trivy

Cwe ID: 674

Cwe Name: Uncontrolled Recursion

Cwe Link: https://cwe.mitre.org/data/definitions/674.html

CVE ID: CVE-2018-20796

Target: nginx:latest (debian 11.3)

Packages:

References:

Tool Description: In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.

Custom Description: NEW ENDPOINT TEST