CVE-2017-7246

ADVISORY - nist

Summary

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.

EPSS Score⁠: 0.00555 (0.671)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

ADVISORY - redhat

CWE-20⁠

Improper Input Validation

Impacted images

Advisories

NIST

CREATED

8 years ago

UPDATED

2 months ago

ADVISORY IDCVE-2017-7246⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-119⁠

CVSS SCORE

7.8high

Alpine

CREATED

8 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2017-7246⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

8 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2017-7246⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

8 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2017-7246⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8low

Red Hat

CREATED

8 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2017-7246⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-20⁠

CVSS SCORE

3.7low