* Add libevhtp to list of vulnerable ports.
Libevhtp prior to 1.2.14 uses oniguruma 5.9.2 and is vulnerable if using the REGEX option, which is the default.
This commit is contained in:
Richard Gallamore
parent
2c91ba6c3c
commit
5235b5b994
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=458042
1 changed files with 4 additions and 0 deletions
|
|
@ -6759,6 +6759,10 @@ Notes:
|
|||
<vuln vid="b396cf6c-62e6-11e7-9def-b499baebfeaf">
|
||||
<topic>oniguruma -- multiple vulnerabilities</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>libevhtp</name>
|
||||
<range><lt>1.2.14</lt></range>
|
||||
</package>
|
||||
<package>
|
||||
<name>oniguruma4</name>
|
||||
<range><lt>4.7.2</lt></range>
|
||||
|
|
|
|||
Loading…
Reference in a new issue