CVE-2020-14155

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

References

https://bugs.gentoo.org/717920

https://www.pcre.org/original/changelog.txt

https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/

https://support.apple.com/kb/HT211931

http://seclists.org/fulldisclosure/2020/Dec/32

https://support.apple.com/kb/HT212147

http://seclists.org/fulldisclosure/2021/Feb/14

https://lists.apache.org/thread.html/[email protected]%3Cdev.mina.apache.org%3E

Details

Source: MITRE

Published: 2020-06-15

Updated: 2021-09-22

Type: CWE-190

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Impact Score: 1.4

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

View all (21 total)

IDNameProductFamilySeverity
155397Oracle Linux 8 : pcre (ELSA-2021-4373)NessusOracle Linux Local Security Checks
medium
155223RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 (RHSA-2021:4614)NessusRed Hat Local Security Checks
critical
155134SUSE SLED12 / SLES12 Security Update : pcre (SUSE-SU-2021:3652-1)NessusSuSE Local Security Checks
high
155093RHEL 8 : pcre (RHSA-2021:4373)NessusRed Hat Local Security Checks
medium
155050CentOS 8 : pcre (CESA-2021:4373)NessusCentOS Local Security Checks
medium
154860openSUSE 15 Security Update : pcre (openSUSE-SU-2021:1441-1)NessusSuSE Local Security Checks
medium
154664openSUSE 15 Security Update : pcre (openSUSE-SU-2021:3529-1)NessusSuSE Local Security Checks
medium
154651SUSE SLED15 / SLES15 Security Update : pcre (SUSE-SU-2021:3529-1)NessusSuSE Local Security Checks
medium
151394EulerOS Virtualization 3.0.2.2 : pcre (EulerOS-SA-2021-2156)NessusHuawei Local Security Checks
medium
146086macOS 10.14.x < 10.14.6 Security Update 2021-001 / 10.15.x < 10.15.7 Security Update 2021-001 / macOS 11.x < 11.2 (HT212147)NessusMacOS X Local Security Checks
high
143115macOS 11.0.x < 11.0.1NessusMacOS X Local Security Checks
high
142534EulerOS Virtualization 3.0.6.6 : pcre (EulerOS-SA-2020-2458)NessusHuawei Local Security Checks
medium
142328EulerOS 2.0 SP2 : pcre (EulerOS-SA-2020-2379)NessusHuawei Local Security Checks
medium
140855EulerOS 2.0 SP3 : pcre (EulerOS-SA-2020-2088)NessusHuawei Local Security Checks
medium
140320EulerOS Virtualization for ARM 64 3.0.2.0 : pcre (EulerOS-SA-2020-1950)NessusHuawei Local Security Checks
medium
140163EulerOS 2.0 SP5 : pcre (EulerOS-SA-2020-1942)NessusHuawei Local Security Checks
medium
139999EulerOS Virtualization for ARM 64 3.0.6.0 : pcre (EulerOS-SA-2020-1896)NessusHuawei Local Security Checks
medium
139149EulerOS 2.0 SP8 : pcre (EulerOS-SA-2020-1819)NessusHuawei Local Security Checks
medium
138191Photon OS 2.0: Pcre PHSA-2020-2.0-0256NessusPhotonOS Local Security Checks
medium
138182Photon OS 3.0: Pcre PHSA-2020-3.0-0108NessusPhotonOS Local Security Checks
medium
138123FreeBSD : Gitlab -- Multiple Vulnerabilities (0a305431-bc98-11ea-a051-001b217b3468)NessusFreeBSD Local Security Checks
critical