Search for vulnerabilities
Vulnerability details: VCID-tczz-hknf-aaas
Vulnerability ID VCID-tczz-hknf-aaas
Aliases CVE-2014-9769
Summary pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9769.html
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.00866 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
epss 0.01727 https://api.first.org/data/v1/epss?cve=CVE-2014-9769
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1320995
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9769
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2014-9769
cvssv3 7.3 https://nvd.nist.gov/vuln/detail/CVE-2014-9769
generic_textual Medium https://ubuntu.com/security/notices/USN-2943-1
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9769.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9769.json
https://api.first.org/data/v1/epss?cve=CVE-2014-9769
https://bugs.debian.org/819050
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9769
https://redmine.openinfosecfoundation.org/issues/1693
https://ubuntu.com/security/notices/USN-2943-1
http://vcs.pcre.org/pcre?view=revision&revision=1475
http://www.openwall.com/lists/oss-security/2016/03/26/1
http://www.securityfocus.com/bid/85570
http://www.securitytracker.com/id/1035424
1320995 https://bugzilla.redhat.com/show_bug.cgi?id=1320995
819050 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819050
cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*
CVE-2014-9769 https://nvd.nist.gov/vuln/detail/CVE-2014-9769
USN-2943-1 https://usn.ubuntu.com/2943-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-9769
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2014-9769
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.70402
EPSS Score 0.00731
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.