CVE-2019-20838

Опубликовано: 15 июн. 2020

Источник: debian

Описание

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pcre3	removed			package

Примечания

Fixed by: https://vcs.pcre.org/pcre?view=revision&revision=1740 (8.43)
Only an issue when UTF support disabled

Связанные уязвимости

CVE-2019-20838

CVSS3: 7.5

ubuntu

около 5 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

CVE-2019-20838

CVSS3: 7.5

redhat

около 5 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

CVE-2019-20838

CVSS3: 7.5

nvd

около 5 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

CVE-2019-20838

CVSS3: 7.5

msrc

почти 5 лет назад

Описание отсутствует

GHSA-689f-qv4w-xgqf

CVSS3: 7.5

github

около 3 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.