Attack Complexity Low
EPSS 0.29% (65th percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-CENTOS8-GLIBC-2098317
- published 26 Jul 2021
- disclosed 20 Jan 2019
Introduced: 20 Jan 2019CVE-2019-9169 Open this link in a new tab
CWE-125 Open this link in a new tab
How to fix?
glibc to version 0:2.28-151.el8 or higher.
Note: Versions mentioned in the description apply only to the upstream
glibc package and not the
glibc package as distributed by
How to fix? for
Centos:8 relevant fixed versions and status.
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.