VulnerableCode Package Details - pkg:deb/ubuntu/pcre2@10.31-3

Search for packages

Package details: pkg:deb/ubuntu/pcre2@10.31-3

Essentials
History (0)

purl	pkg:deb/ubuntu/pcre2@10.31-3

Next non-vulnerable version	10.34-7
Latest non-vulnerable version	10.34-7
Risk	4.4

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-hyp6-74p8-aaap Aliases: CVE-2017-7186	libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.	10.32-4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-jcnx-yyhm-aaab Aliases: CVE-2019-20454	Out-of-bounds Read An out-of-bounds read was discovered in PCRE when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.	10.34-7 Affected by 0 other vulnerabilities.
VCID-ptm9-5wpw-aaaf Aliases: CVE-2017-8786	Improper Restriction of Operations within the Bounds of a Memory Buffer pcre2test.c in PCRE2 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression.	10.32-4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version