Description
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Inventory Manager Unspecified Vulnerability (1.8.1)
WordPress Plugin GNU-Mailman Integration Cross-Site Scripting (1.0.6)
Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)
Resin Application Server Other Vulnerability (CVE-2012-2966)
WordPress Plugin YITH WooCommerce Gift Cards Premium Unspecified Vulnerability (3.20.0)