LAYER: meta
PACKAGE NAME: grep
PACKAGE VERSION: 3.11
CVE: CVE-2012-5667
CVE STATUS: Patched
CVE SUMMARY: Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow.
CVSS v2 BASE SCORE: 4.4
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2012-5667

LAYER: meta
PACKAGE NAME: grep
PACKAGE VERSION: 3.11
CVE: CVE-2015-1345
CVE STATUS: Patched
CVE SUMMARY: The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2015-1345