CVE-2019-20838

Опубликовано: 15 июн. 2020

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

CVSS3: 7.5

Описание

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

Релиз	Статус	Примечание
bionic	released	2:8.39-9ubuntu0.1
devel	needed
eoan	ignored	end of life
esm-apps/noble	needed
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	2:8.39-9ubuntu0.1
esm-infra/focal	not-affected	2:8.39-12ubuntu0.1
esm-infra/xenial	not-affected	code not present
focal	released	2:8.39-12ubuntu0.1
groovy	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 43%

0.00204

Низкий

4.3 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2019-20838

CVSS3: 7.5

redhat

около 5 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

CVE-2019-20838

CVSS3: 7.5

nvd

около 5 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

CVE-2019-20838

CVSS3: 7.5

msrc

почти 5 лет назад

Описание отсутствует

CVE-2019-20838

CVSS3: 7.5

debian

около 5 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT w ...

GHSA-689f-qv4w-xgqf

CVSS3: 7.5

github

около 3 лет назад

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

EPSS

Процентиль: 43%

0.00204

Низкий

4.3 Medium

CVSS2

7.5 High

CVSS3

CVE-2019-20838

Описание

Пакет pcre3

Ссылки на источники

Связанные уязвимости