Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2020:4539

Опубликовано: 03 нояб. 2020
Источник: rocky
Оценка: SEVERITY_MODERATE

Описание

Moderate: pcre2 security and enhancement update

The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
pcre2i6862.el8pcre2-10.32-2.el8.i686.rpm
pcre2x86_642.el8pcre2-10.32-2.el8.x86_64.rpm
pcre2-develi6862.el8pcre2-devel-10.32-2.el8.i686.rpm
pcre2-develx86_642.el8pcre2-devel-10.32-2.el8.x86_64.rpm
pcre2-utf16i6862.el8pcre2-utf16-10.32-2.el8.i686.rpm
pcre2-utf16x86_642.el8pcre2-utf16-10.32-2.el8.x86_64.rpm
pcre2-utf32i6862.el8pcre2-utf32-10.32-2.el8.i686.rpm
pcre2-utf32x86_642.el8pcre2-utf32-10.32-2.el8.x86_64.rpm

Показывать по

Связанные CVE

Связанные уязвимости

CVSS3: 7.5
ubuntu
больше 5 лет назад

An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.

CVSS3: 7.5
redhat
почти 6 лет назад

An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.

CVSS3: 7.5
nvd
больше 5 лет назад

An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.

CVSS3: 7.5
debian
больше 5 лет назад

An out-of-bounds read was discovered in PCRE before 10.34 when the pat ...

CVSS3: 7.5
github
около 3 лет назад

An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.