vulnerability
Amazon Linux 2023: CVE-2022-41409: Low priority package update for pcre2
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | 2023-07-18 | 2025-02-17 | 2025-02-17 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
2023-07-18
Added
2025-02-17
Modified
2025-02-17
Description
Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.
A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.
A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.
Solution(s)
amazon-linux-2023-upgrade-pcre2amazon-linux-2023-upgrade-pcre2-debuginfoamazon-linux-2023-upgrade-pcre2-debugsourceamazon-linux-2023-upgrade-pcre2-develamazon-linux-2023-upgrade-pcre2-staticamazon-linux-2023-upgrade-pcre2-syntaxamazon-linux-2023-upgrade-pcre2-toolsamazon-linux-2023-upgrade-pcre2-tools-debuginfoamazon-linux-2023-upgrade-pcre2-utf16amazon-linux-2023-upgrade-pcre2-utf16-debuginfoamazon-linux-2023-upgrade-pcre2-utf32amazon-linux-2023-upgrade-pcre2-utf32-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.