CVE-2007-2026
EPSS 3.7%
Description
The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported for AMaViS.
How to fix CVE-2007-2026
To remediate CVE-2007-2026, upgrade the affected package to a fixed version below.
- Debian/file—upgrade to 4.20-6 or later
Is CVE-2007-2026 being exploited?
Low — EPSS is 3.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.20-6