Описание
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 10.40-1 |
| esm-apps/bionic | released | 10.31-2ubuntu0.1~esm1 |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | not-affected | 10.34-7ubuntu0.1 |
| focal | released | 10.34-7ubuntu0.1 |
| impish | ignored | end of life |
| jammy | released | 10.39-3ubuntu0.1 |
| kinetic | not-affected | 10.40-1 |
| lunar | not-affected | 10.40-1 |
Показывать по
EPSS
6.4 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
An out-of-bounds read vulnerability was discovered in the PCRE2 librar ...
EPSS
6.4 Medium
CVSS2
9.1 Critical
CVSS3