Lucene search

K
osvGoogleOSV:ALSA-2021:4373
HistoryNov 09, 2021 - 9:12 a.m.

Low: pcre security update

2021-11-0909:12:45
Google
osv.dev
25
pcre
security update
buffer over-read
integer overflow
cve-2019-20838
cve-2020-14155
almalinux
release notes

EPSS

0.01

Percentile

84.1%

PCRE is a Perl-compatible regular expression library.

Security Fix(es):

  • pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 (CVE-2019-20838)

  • pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.