CVE-2010-0634Infinite Loop in Flex

CWE-835Infinite Loop7 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 44.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe FlexDebian FlexWill Estes Flex
Timeline
PublishedFeb 12
Latest updateMay 2

Description

Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) before 2.5.35 has unknown impact and attack vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

debiandebian/flex< flex 2.5.35-1 (bookworm)
Debianadobe/flex< 2.5.35-1+3
NVDwill_estes/flex2.5.34+4

Patches

Patch: freshmeat.netPatch: freshmeat.net

🔴Vulnerability Details

2
GHSA
GHSA-6qjv-pcp7-rgfm: Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) before 22022-05-02
OSV
CVE-2010-0634: Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) before 22010-02-12

📋Vendor Advisories

3
Red Hat
avahi: daemon infinite loop triggered by an empty UDP packet (CVE-2010-2244 fix regression)2011-01-04
Red Hat
flex: Security fixes in v2.5.352010-01-29
Debian
CVE-2010-0634: flex - Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) before 2.5.3...2010

💬Community

1
Bugzilla
CVE-2010-0634 flex: Security fixes in v2.5.352010-02-13