Search for packages
| purl | pkg:ebuild/sys-apps/file@4.21 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ftes-sc3e-aaae
Aliases: CVE-2007-2026 |
The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported for AMaViS. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-grce-am62-aaap | Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536. |
CVE-2007-2799
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:01:32.831602+00:00 | Gentoo Importer | Affected by | VCID-ftes-sc3e-aaae | https://security.gentoo.org/glsa/200704-13 | 36.0.0 |
| 2025-03-28T12:41:57.901477+00:00 | Gentoo Importer | Fixing | VCID-grce-am62-aaap | https://security.gentoo.org/glsa/200705-25 | 36.0.0 |
| 2024-09-18T07:55:37.622331+00:00 | Gentoo Importer | Affected by | VCID-ftes-sc3e-aaae | https://security.gentoo.org/glsa/200704-13 | 34.0.1 |
| 2024-09-18T07:36:14.744589+00:00 | Gentoo Importer | Fixing | VCID-grce-am62-aaap | https://security.gentoo.org/glsa/200705-25 | 34.0.1 |
| 2024-01-04T02:00:19.838988+00:00 | Gentoo Importer | Affected by | VCID-ftes-sc3e-aaae | https://security.gentoo.org/glsa/200704-13 | 34.0.0rc1 |
| 2024-01-04T01:42:22.186508+00:00 | Gentoo Importer | Fixing | VCID-grce-am62-aaap | https://security.gentoo.org/glsa/200705-25 | 34.0.0rc1 |