An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
07 Nov 2023, 03:42
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
16 Mar 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Dec 2022, 02:56
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp active Iq Unified Manager
Netapp h700s Netapp h500s Netapp h700s Firmware Netapp h410c Firmware Netapp Netapp solidfire Netapp h410s Netapp ontap Select Deploy Administration Utility Netapp h300s Firmware Netapp hci Management Node Netapp h500s Firmware Netapp h300s Netapp h410c Netapp h410s Firmware |
|
CPE | cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20221028-0009/ - Third Party Advisory |
28 Oct 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Oct 2022, 03:03
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/ - Mailing List, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2077976, - Broken Link, Issue Tracking, Patch |
02 Jun 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 May 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 May 2022, 17:48
Type | Values Removed | Values Added |
---|---|---|
First Time |
Fedoraproject
Pcre Fedoraproject fedora Redhat Pcre pcre2 Redhat enterprise Linux |
|
References | (MISC) https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c - Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/ - Mailing List, Third Party Advisory | |
References | (MISC) https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a, - Broken Link | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2077976, - Broken Link, Patch | |
CWE | CWE-125 | |
CVSS |
v2 : v3 : |
v2 : 6.4
v3 : 9.1 |
CPE | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:pcre:pcre2:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
16 May 2022, 21:59
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-16 21:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-1586
Mitre link : CVE-2022-1586
CVE.ORG link : CVE-2022-1586
JSON object : View
Products Affected
netapp
- h700s_firmware
- solidfire
- h700s
- h300s_firmware
- h410s
- hci_management_node
- active_iq_unified_manager
- ontap_select_deploy_administration_utility
- h500s_firmware
- h410c
- h410s_firmware
- h500s
- h410c_firmware
- h300s
fedoraproject
- fedora
redhat
- enterprise_linux
pcre
- pcre2
CWE
CWE-125
Out-of-bounds Read