Your submission was sent successfully! Close

CVE-2020-14155

Published: 15 June 2020

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

Priority

Negligible

CVSS 3 base score: 5.3

Status

Package Release Status
pcre3
Launchpad, Ubuntu, Debian
bionic
Released (2:8.39-9ubuntu0.1)
eoan Ignored
(reached end-of-life)
focal
Released (2:8.39-12ubuntu0.1)
groovy Not vulnerable
(2:8.39-13)
hirsute Not vulnerable
(2:8.39-13)
impish Not vulnerable
(2:8.39-13)
jammy Not vulnerable
(2:8.39-13)
precise Ignored
(end of ESM support, was needed)
trusty
Released (1:8.31-2ubuntu2.3+esm1)
upstream
Released (8.44,2:8.39-13)
xenial
Released (2:8.38-3.1ubuntu0.1~esm1)
Patches:
upstream: https://vcs.pcre.org/pcre?view=revision&revision=1761