Every CVE whose affected-product data names Westes Flex, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2016-6354 — CVSS 9.8 (critical): Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a…
CVE-2006-0459 — CVSS 7.5 (high): flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars…
CVE-2019-6293 — CVSS 5.5 (medium): An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the…