libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2020/Dec/32 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2021/Feb/14 | Mailing List Third Party Advisory |
https://bugs.gentoo.org/717920 | Issue Tracking Patch Third Party Advisory VDB Entry |
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | Mailing List Third Party Advisory |
https://support.apple.com/kb/HT211931 | Vendor Advisory |
https://support.apple.com/kb/HT212147 | Vendor Advisory |
https://www.pcre.org/original/changelog.txt | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
27 Mar 2024, 16:05
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk
Splunk universal Forwarder |
|
References | () https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* |
07 Nov 2023, 03:09
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
22 Sep 2021, 14:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
15 Mar 2021, 18:29
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E - Mailing List, Third Party Advisory |
25 Feb 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Feb 2021, 15:19
Type | Values Removed | Values Added |
---|---|---|
References | (FULLDISC) http://seclists.org/fulldisclosure/2020/Dec/32 - Mailing List, Third Party Advisory | |
References | (MISC) https://bugs.gentoo.org/717920 - Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://support.apple.com/kb/HT212147 - Vendor Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2021/Feb/14 - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT211931 - Vendor Advisory | |
CPE | cpe:2.3:o:apple:mac_os:*:*:*:*:*:*:*:* |
02 Feb 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Feb 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-06-15 17:15
Updated : 2024-03-27 16:05
NVD link : CVE-2019-20838
Mitre link : CVE-2019-20838
CVE.ORG link : CVE-2019-20838
JSON object : View
Products Affected
apple
- macos
splunk
- universal_forwarder
pcre
- pcre
CWE
CWE-125
Out-of-bounds Read