### [CVE-2019-11640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11640)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function rec_fex_parse_str_simple at rec-fex.c in librec.a.

### POC

#### Reference
- https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils/
- https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils/
- https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/recfix
- https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/recfix

#### Github
No PoCs found on GitHub currently.