CVE-2019-20838

ADVISORY - nist

Summary

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

EPSS Score⁠: 0.00182 (0.403)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

ADVISORY - redhat

CWE-125⁠

Out-of-bounds Read

Impacted images

Advisories

NIST

CREATED

5 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2019-20838⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠

CVSS SCORE

7.5high

Debian

CREATED

5 years ago

UPDATED

10 days ago

ADVISORY IDCVE-2019-20838⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

5 years ago

UPDATED

16 days ago

ADVISORY IDCVE-2019-20838⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5low

Alma

CREATED

4 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2021:4373⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

5 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2019-20838⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠

CVSS SCORE

7.5low

Rocky

CREATED

4 years ago

UPDATED

5 months ago

ADVISORY IDRLSA-2021:4373⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDELSA-2021-4373⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow