This page aggregates CVE and security vulnerability intelligence across all re2c-related products, including CVSS scores, EPSS percentages, and publication and update dates.
Disclosed issues often relate to memory corruption and buffer overflow; impact may include memory corruption and application crashes in production workloads.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-23901 | A stack overflow exists in re2c 2.2 due to infinite recursion issues in src/dfa/dead_rules.cc. | [email protected] | 9.8 | 0.34% | 2022-03-29 | 2024-11-21 |
| CVE-2018-21232 | re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags. | [email protected] | 5.5 | 0.10% | 2020-04-29 | 2024-11-21 |
| CVE-2020-11958 | re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. | [email protected] | 7.8 | 0.46% | 2020-04-21 | 2024-11-21 |