libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2020/Dec/32 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2021/Feb/14 | Mailing List Third Party Advisory |
https://bugs.gentoo.org/717920 | Issue Tracking Patch Third Party Advisory VDB Entry |
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | Mailing List Third Party Advisory |
https://support.apple.com/kb/HT211931 | Vendor Advisory |
https://support.apple.com/kb/HT212147 | Vendor Advisory |
https://www.pcre.org/original/changelog.txt | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
27 Mar 2024, 16:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* |
|
First Time |
Splunk
Splunk universal Forwarder |
|
References | () https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E - Mailing List, Third Party Advisory |
07 Nov 2023, 03:09
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-06-15 17:15
Updated : 2024-03-27 16:05
NVD link : CVE-2019-20838
Mitre link : CVE-2019-20838
CVE.ORG link : CVE-2019-20838
JSON object : View
Products Affected
pcre
- pcre
splunk
- universal_forwarder
apple
- macos
CWE
CWE-125
Out-of-bounds Read