VulnerableCode Package Details - pkg:deb/ubuntu/pcre2@10.32-4

Search for packages

Package details: pkg:deb/ubuntu/pcre2@10.32-4

Essentials
History (0)

purl	pkg:deb/ubuntu/pcre2@10.32-4

Next non-vulnerable version	10.34-7
Latest non-vulnerable version	10.34-7
Risk	3.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-jcnx-yyhm-aaab Aliases: CVE-2019-20454	Out-of-bounds Read An out-of-bounds read was discovered in PCRE when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.	10.34-7 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-hyp6-74p8-aaap	libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.	CVE-2017-7186
VCID-ptm9-5wpw-aaaf	Improper Restriction of Operations within the Bounds of a Memory Buffer pcre2test.c in PCRE2 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression.	CVE-2017-8786

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version