Linux Distros Unpatched Vulnerability : CVE-2022-1587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the getrecursedatalength function of the pcre2jitcompile.c file. This issue affects...

Security Bulletin: IBM Aspera Console has addressed multiple PCRE and PCRE2 library vulnerabilities (CVE-2022-1587, CVE-2019-20838, CVE-2022-1586)

Summary This Security Bulletin addresses security vulnerabilities related to PCRE and PCRE2 library vulnerabilities that have been remediated CVE-2022-1587, CVE-2019-20838, CVE-2022-1586 in IBM Aspera Console 3.4.2 PL5. Vulnerability Details CVEID:CVE-2022-1587 DESCRIPTION: PCRE2 could allow a...

Ubuntu 18.04 ESM : PCRE vulnerabilities (USN-5627-2)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5627-2 advisory. USN-5627-1 fixed several vulnerabilities in PCRE. This update provides the corresponding fixes for Ubuntu 18.04 ESM. Tenable has extracted the preceding...

Amazon Linux 2023 : pcre2, pcre2-devel, pcre2-static (ALAS2023-2023-045)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-045 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue ...

Debian dla-3363 : libpcre2-16-0 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3363 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3363-1 [email protected]...

Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2022-1587)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-1587 DESCRIPTION: PCRE2 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the getrecursedatalength function in the...

EulerOS Virtualization 2.10.0 : pcre2 (EulerOS-SA-2022-2868)

According to the versions of the pcre2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

EulerOS Virtualization 2.10.1 : pcre2 (EulerOS-SA-2022-2886)

According to the versions of the pcre2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

AlmaLinux 9 : pcre2 (ALSA-2022:5251)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5251 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

Mageia: Security Advisory (MGASA-2022-0417)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Database Server (Oct 2022 CPU)

The 19c and 21c versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle Database - Machine Learning Numpy component of Oracle Database Server. The supported version that ...

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Orac...

EulerOS Virtualization 2.9.0 : pcre2 (EulerOS-SA-2022-2397)

According to the versions of the pcre2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

Ubuntu 20.04 LTS / 22.04 LTS : PCRE vulnerabilities (USN-5627-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5627-1 advisory. It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue t...

EulerOS 2.0 SP9 : pcre2 (EulerOS-SA-2022-2301)

According to the versions of the pcre2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file...

Amazon Linux 2022 : pcre2, pcre2-devel, pcre2-static (ALAS2022-2022-071)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-071 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue ...

SUSE SLED15 / SLES15 Security Update : pcre2 (SUSE-SU-2022:2649-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2649-1 advisory. - An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to...

openSUSE: Security Advisory for pcre2 (SUSE-SU-2022:2649-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:2649-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:2649-1 Security update for pcre2

This update for pcre2 fixes the following issues: - CVE-2019-20454: Fixed out-of-bounds read in JIT mode when \X is used in non-UTF mode bsc1164384. - CVE-2022-1587: Fixed out-of-bounds read due to bug in recursions bsc1199235...