VDB
CVE-2008-0172
CVE-2008-0172
PUBLISHED
CVSS 5 MEDIUM
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.
EPSS 2.17% · 84.6th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
2.17%
84.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| boost | boost | 1.33, 1.34 |
| n/a | n/a | * |
Timeline
- Jan 17, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- http://wiki.rpath.com/Advisories:rPSA-2008-0063 url
- 48099 third-party-advisory
- ADV-2008-0249 vdb
- 27325 vdb
- 28860 third-party-advisory
- http://svn.boost.org/trac/boost/changeset/42745 url
- 28943 third-party-advisory
- http://svn.boost.org/trac/boost/changeset/42674 url
- https://issues.rpath.com/browse/RPL-2143 url
- FEDORA-2008-0880 vendor-advisory
- 28511 third-party-advisory
- 20080213 rPSA-2008-0063-1 boost mailing-list
- 28705 third-party-advisory
- 28545 third-party-advisory
- SUSE-SR:2008:006 vendor-advisory
- GLSA-200802-08 vendor-advisory
- 28527 third-party-advisory
- USN-570-1 vendor-advisory
- 29323 third-party-advisory
- http://bugs.gentoo.org/show_bug.cgi?id=205955 url
…and 2 more