← Back

CVE-2020-14155

nvd nist
Published: Jun 15, 2020Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

Affected (22)

Products: Pcre: Pcre · Apple: Macos · Gitlab: Gitlab · +3 more
Show all products
Pcre: Pcre · Apple: Macos · Gitlab: Gitlab · Oracle: Communications Cloud Native Core Policy · Netapp: Active Iq Unified Manager, Cloud Backup, Clustered Data Ontap, Ontap Select Deploy Administration Utility, Steelstore Cloud Integrated Storage, H410c Firmware, H300s Firmware, H500s Firmware, H700s Firmware, H410s Firmware · Splunk: Universal Forwarder
Pcre
1 product
Pcre
Apple
1 product
Macos
Gitlab
1 product
Gitlab
Oracle
1 product
Communications Cloud Native Core Policy
Netapp
10 products
Active Iq Unified Manager
Cloud Backup
Clustered Data Ontap
Ontap Select Deploy Administration Utility
Steelstore Cloud Integrated Storage
H410c Firmware
H300s Firmware
H500s Firmware
H700s Firmware
H410s Firmware
Splunk
1 product
Universal Forwarder
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Pcre
Before 8.44
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Macos
Before 11.0.1
Configuration C
6 vulnerable
Vulnerable SoftwareAffected Versions
Gitlab
Gitlab
Before 12.10.13
Gitlab
From 13.0.0 to 13.0.8
Gitlab
From 13.1.0 to 13.1.2
Gitlab
Before 12.10.13
Gitlab
From 13.0.0 to 13.0.8
Gitlab
From 13.1.0 to 13.1.2
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Communications Cloud Native Core Policy
Version 1.15.0
Configuration E
5 vulnerable
Vulnerable SoftwareAffected Versions
Active Iq Unified Manager
All versions
Cloud Backup
All versions
Clustered Data Ontap
All versions
Ontap Select Deploy Administration Utility
All versions
Steelstore Cloud Integrated Storage
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410c Firmware
All versions
Running on/withPlatform Versions
Netapp
H410c
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H300s Firmware
All versions
Running on/withPlatform Versions
Netapp
H300s
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H500s Firmware
All versions
Running on/withPlatform Versions
Netapp
H500s
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H700s Firmware
All versions
Running on/withPlatform Versions
Netapp
H700s
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410s Firmware
All versions
Running on/withPlatform Versions
Netapp
H410s
All versions
Configuration K
3 vulnerable
Vulnerable SoftwareAffected Versions
Splunk
Universal Forwarder
From 8.2.0 to 8.2.12
Universal Forwarder
From 9.0.0 to 9.0.6
Universal Forwarder
Version 9.1.0

Related CWEs

CWE-190
Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (20)

Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Issue TrackingPatchThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory

Timeline

No history available yet.