libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4373 advisory.

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-23 advisory. Several of the third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with best practice, Tenable has opted to upgrade these components to address the potential impact of the issues. Nessus Network Monitor 6.2.2 updates the following components:

  - c-ares from version 1.10.0 to version 1.19.1.
  - curl from version 7.79.1 to version 8.1.2.
  - libbzip2 from version 1.0.6 to version 1.0.8.
  - libpcre from version 8.42 to version 8.44.
  - libxml2 from version 2.7.7 to version 2.11.1.
  - libxslt from version 1.1.26 to version 1.1.37.
  - libxmlsec from version 1.2.18 to version 1.2.37.
  - sqlite from version 3.27.2 to version 3.40.1.
  - jQuery Cookie from version 1.3.1 to version 1.4.1.
  - jQuery UI from version 1.13.0 to version 1.13.2.
  - OpenSSL from version 3.0.8 to version 3.0.9.

The remote Ubuntu 14.04 LTS / 16.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5425-1 advisory.

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4373 advisory.

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4373 advisory.

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4614 advisory.

  - httpd:  mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)

  - pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1     (CVE-2019-20838)

  - httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)

  - pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155)

  - httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)

  - openssl: integer overflow in CipherUpdate (CVE-2021-23840)

  - openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)

  - httpd: mod_session: NULL pointer dereference when parsing Cookie header (CVE-2021-26690)

  - httpd: mod_session: Heap overflow via a crafted SessionHeader value (CVE-2021-26691)

  - httpd: Unexpected URL matching with 'MergeSlashes OFF' (CVE-2021-30641)

  - httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)

  - Red Hat JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure     (CVE-2021-3688)

  - openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3652-1 advisory.

  - The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680     (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds     read and application crash) via a crafted regular expression. (CVE-2017-6004)

  - libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service     (segmentation violation for read access, and application crash) by triggering an invalid Unicode property     lookup. (CVE-2017-7186)

  - The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a     denial of service (invalid memory read) via a crafted file. (CVE-2017-7244)

  - Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40     allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other     impact via a crafted file. (CVE-2017-7245)

  - Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40     allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified     other impact via a crafted file. (CVE-2017-7246)

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4373 advisory.

  - pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1     (CVE-2019-20838)

  - pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4373 advisory.

  - pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1     (CVE-2019-20838)

  - pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1441-1 advisory.

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3529-1 advisory.

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3529-1 advisory.

  - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R     has more than one fixed quantifier, a related issue to CVE-2019-20454. (CVE-2019-20838)

  - libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
    (CVE-2020-14155)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2021-001 Mojave, 10.15.x prior to 10.15.7 Security Update 2021-001 Catalina, or 11.x prior to 11.2. It is, therefore, affected by multiple vulnerabilities, including the following:

  - A logic issue existed resulting in memory corruption. This was addressed with improved state management.
    An application may be able to execute arbitrary code with kernel privileges. (CVE-2020-27904)

  - A logic issue existed that allowed applications to execute arbitrary code with kernel privileges.
    (CVE-2021-1750)

  - An out-of-bounds-write caused by improper input validation allowed maliciously crafted USD files to     unexpectedly terminate an application or cause arbitrary code execution. (CVE-2021-1762)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 11.0.x prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities, including the following:

  - An out-of-bounds write issue that can lead to unexpected application termination or arbitrary code     execution when opening a maliciously crafted PDF file. (CVE-2020-9876)

  - An out-of-bounds write caused by insufficient input validation that can lead to arbitrary code execution     when processing a maliciously crafted image. (CVE-2020-9883)

  - A remote attacker may be able to unexpectedly alter the Mail application date due to insufficient checks.
    (CVE-2020-9941)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

An update of the pcre package has been released.

ID	Name	Product	Family	Severity
184532	Rocky Linux 8 : pcre (RLSA-2021:4373)	Nessus	Rocky Linux Local Security Checks	high
177842	Nessus Network Monitor < 6.2.2 Multiple Vulnerabilities (TNS-2023-23)	Nessus	Misc.	critical
161249	Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : PCRE vulnerabilities (USN-5425-1)	Nessus	Ubuntu Local Security Checks	high
157545	AlmaLinux 8 : pcre (ALSA-2021:4373)	Nessus	Alma Linux Local Security Checks	high
155397	Oracle Linux 8 : pcre (ELSA-2021-4373)	Nessus	Oracle Linux Local Security Checks	high
155223	RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 (RHSA-2021:4614)	Nessus	Red Hat Local Security Checks	critical
155134	SUSE SLED12 / SLES12 Security Update : pcre (SUSE-SU-2021:3652-1)	Nessus	SuSE Local Security Checks	high
155093	RHEL 8 : pcre (RHSA-2021:4373)	Nessus	Red Hat Local Security Checks	high
155050	CentOS 8 : pcre (CESA-2021:4373)	Nessus	CentOS Local Security Checks	high
154860	openSUSE 15 Security Update : pcre (openSUSE-SU-2021:1441-1)	Nessus	SuSE Local Security Checks	high
154664	openSUSE 15 Security Update : pcre (openSUSE-SU-2021:3529-1)	Nessus	SuSE Local Security Checks	high
154651	SUSE SLED15 / SLES15 Security Update : pcre (SUSE-SU-2021:3529-1)	Nessus	SuSE Local Security Checks	high
146086	macOS 10.14.x < 10.14.6 Security Update 2021-001 / 10.15.x < 10.15.7 Security Update 2021-001 / macOS 11.x < 11.2 (HT212147)	Nessus	MacOS X Local Security Checks	critical
143115	macOS 11.0.x < 11.0.1	Nessus	MacOS X Local Security Checks	high
138182	Photon OS 3.0: Pcre PHSA-2020-3.0-0108	Nessus	PhotonOS Local Security Checks	high

Detections

Analytics

CVE-2019-20838

high

Tenable Plugins

high

critical

high

high

high

critical

high

high

high

high

high

high

critical

high

high