Home

CVE-2022-1586

Description

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.454

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Aspera Shares 1.10.0Windows
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-16-0-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-16-0-debuginfo-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-32-0-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-32-0-debuginfo-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-8-0-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-8-0-debuginfo-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-posix2-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:1836-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre2-posix2-debuginfo-10.34-1.7.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre1-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre1-32bit-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre1-debuginfo-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre1-debuginfo-32bit-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre16-0-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcre16-0-debuginfo-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcrecpp0-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcrecpp0-debuginfo-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcreposix0-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) libpcreposix0-debuginfo-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) pcre-debugsource-8.45-8.12.1.x86_64.rpmLinux
SUSE-SU-2022:2334-1(SUSE Linux Enterprise Server 12-SP5 ) pcre-devel-8.45-8.12.1.x86_64.rpmLinux
Pcre2 update (ELSA-2022-5809) pcre2-10.32-3.el8_6.i686.rpmLinux
Pcre2 update (ELSA-2022-5809) pcre2-10.32-3.el8_6.x86_64.rpmLinux
Pcre2-devel update (ELSA-2022-5809) pcre2-devel-10.32-3.el8_6.i686.rpmLinux
Pcre2-devel update (ELSA-2022-5809) pcre2-devel-10.32-3.el8_6.x86_64.rpmLinux
Pcre2-utf16 update (ELSA-2022-5809) pcre2-utf16-10.32-3.el8_6.i686.rpmLinux
Pcre2-utf16 update (ELSA-2022-5809) pcre2-utf16-10.32-3.el8_6.x86_64.rpmLinux
Pcre2-utf32 update (ELSA-2022-5809) pcre2-utf32-10.32-3.el8_6.i686.rpmLinux
Pcre2-utf32 update (ELSA-2022-5809) pcre2-utf32-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-debugsource-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-debugsource-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-devel-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-devel-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-utf16-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-utf16-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-utf32-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809) pcre2 security update pcre2-utf32-10.32-3.el8_6.x86_64.rpmLinux
Pcre2 update (ELSA-2022-5251) pcre2-10.37-5.el9_0.i686.rpmLinux
Pcre2 update (ELSA-2022-5251) pcre2-10.37-5.el9_0.x86_64.rpmLinux
Pcre2-devel update (ELSA-2022-5251) pcre2-devel-10.37-5.el9_0.i686.rpmLinux
Pcre2-devel update (ELSA-2022-5251) pcre2-devel-10.37-5.el9_0.x86_64.rpmLinux
Pcre2-syntax update (ELSA-2022-5251) pcre2-syntax-10.37-5.el9_0.noarch.rpmLinux
Pcre2-utf16 update (ELSA-2022-5251) pcre2-utf16-10.37-5.el9_0.i686.rpmLinux
Pcre2-utf16 update (ELSA-2022-5251) pcre2-utf16-10.37-5.el9_0.x86_64.rpmLinux
Pcre2-utf32 update (ELSA-2022-5251) pcre2-utf32-10.37-5.el9_0.i686.rpmLinux
Pcre2-utf32 update (ELSA-2022-5251) pcre2-utf32-10.37-5.el9_0.x86_64.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-10.37-5.el9_0.i686.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-10.37-5.el9_0.x86_64.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-debugsource-10.37-5.el9_0.i686.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-debugsource-10.37-5.el9_0.x86_64.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-devel-10.37-5.el9_0.i686.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-devel-10.37-5.el9_0.x86_64.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-syntax-10.37-5.el9_0.noarch.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-utf16-10.37-5.el9_0.i686.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-utf16-10.37-5.el9_0.x86_64.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-utf32-10.37-5.el9_0.i686.rpmLinux
(RHSA-2022:5251) pcre2 security update pcre2-utf32-10.37-5.el9_0.x86_64.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-10.32-3.el8_6.i686.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-10.32-3.el8_6.x86_64.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-devel-10.32-3.el8_6.i686.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-devel-10.32-3.el8_6.x86_64.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-utf16-10.32-3.el8_6.i686.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-utf16-10.32-3.el8_6.x86_64.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-utf32-10.32-3.el8_6.i686.rpmLinux
pcre2 security update (RLSA-2022:5809) pcre2-utf32-10.32-3.el8_6.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) pcre-debugsource-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libpcre1-debuginfo-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) pcre-tools-debuginfo-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libpcre16-0-debuginfo-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libpcrecpp0-debuginfo-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libpcreposix0-debuginfo-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libpcre1-32bit-debuginfo-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2022:2361-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libpcrecpp0-32bit-debuginfo-8.45-150000.20.13.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) wayland-devel-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-egl1-99~1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-cursor0-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) wayland-debugsource-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) wayland-devel-debuginfo-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-32bit-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-32bit-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-egl1-debuginfo-99~1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-debuginfo-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-cursor0-debuginfo-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-debuginfo-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-client0-32bit-debuginfo-1.19.0-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:1860-1(Basesystem Module 15-SP4 ) libwayland-server0-32bit-debuginfo-1.19.0-150400.3.3.1.x86_64.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-debuginfo-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-debuginfo-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-tools-debuginfo-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-tools-debuginfo-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-utf16-debuginfo-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-utf16-debuginfo-10.32-3.el8_6.x86_64.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-utf32-debuginfo-10.32-3.el8_6.i686.rpmLinux
(RHSA-2022:5809)Moderate: security update pcre2-utf32-debuginfo-10.32-3.el8_6.x86_64.rpmLinux
Moderate: pcre2 security update pcre2-10.32-3.el8_6.i686.rpmLinux
Moderate: pcre2 security update pcre2-10.32-3.el8_6.x86_64.rpmLinux
Moderate: pcre2 security update pcre2-devel-10.32-3.el8_6.i686.rpmLinux
Moderate: pcre2 security update pcre2-devel-10.32-3.el8_6.x86_64.rpmLinux
Moderate: pcre2 security update pcre2-utf16-10.32-3.el8_6.i686.rpmLinux
Moderate: pcre2 security update pcre2-utf16-10.32-3.el8_6.x86_64.rpmLinux
Moderate: pcre2 security update pcre2-utf32-10.32-3.el8_6.i686.rpmLinux
Moderate: pcre2 security update pcre2-utf32-10.32-3.el8_6.x86_64.rpmLinux
pcre2 Security Update (ALAS2023-2023-045) pcre2-10.40-1.amzn2023.0.2.x86_64.rpmLinux
pcre2 Security Update (ALAS2023-2023-045) pcre2-devel-10.40-1.amzn2023.0.2.x86_64.rpmLinux
pcre2 Security Update (ALAS2023-2023-045) pcre2-static-10.40-1.amzn2023.0.2.x86_64.rpmLinux
pcre2 Security Update (ALAS2023-2023-045) pcre2-syntax-10.40-1.amzn2023.0.2.noarch.rpmLinux
pcre2 Security Update (ALAS2023-2023-045) pcre2-tools-10.40-1.amzn2023.0.2.x86_64.rpmLinux
pcre2 Security Update (ALAS2023-2023-045) pcre2-utf16-10.40-1.amzn2023.0.2.x86_64.rpmLinux
pcre2 Security Update (ALAS2023-2023-045) pcre2-utf32-10.40-1.amzn2023.0.2.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234