CVE-2022-41409

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-41409
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41409.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-41409
Downstream
Related
Published
2023-07-18T14:15:12.197Z
Modified
2026-03-14T11:55:31.131270Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.

References

Affected packages

Git / github.com/pcre2project/pcre2

Affected ranges

Type
GIT
Repo
https://github.com/pcre2project/pcre2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
7c49b40e8aed10cc2667dd3c4b7bb692d13ade2a
Fixed
94e1c001761373b7d9450768aa15d04c25547a35
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "10.41"
        }
    ]
}

Affected versions

pcre2-10.*
pcre2-10.38
pcre2-10.38-RC1
pcre2-10.39
pcre2-10.40

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41409.json"
vanir_signatures 
[
    {
        "signature_version": "v1",
        "target": {
            "file": "src/pcre2test.c"
        },
        "source": "https://github.com/pcre2project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "62489852517137625250442895310532729877",
                "201713021635601015043319097914336087915",
                "322293490913182853245187905827756638256",
                "207896007219727419804105114721414926380",
                "252707345794246848607483269209822253197",
                "132236701326433796789918249164278653346"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2022-41409-0118e1b8",
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "src/pcre2_compile.c",
            "function": "pcre2_code_free"
        },
        "source": "https://github.com/pcre2project/pcre2/commit/7c49b40e8aed10cc2667dd3c4b7bb692d13ade2a",
        "deprecated": false,
        "digest": {
            "function_hash": "291611100143254405593915313093031444199",
            "length": 539.0
        },
        "id": "CVE-2022-41409-7b620d9d",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "src/pcre2test.c",
            "function": "process_data"
        },
        "source": "https://github.com/pcre2project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35",
        "deprecated": false,
        "digest": {
            "function_hash": "337203437419393383331572633756157855685",
            "length": 30670.0
        },
        "id": "CVE-2022-41409-9947a8ff",
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "target": {
            "file": "src/pcre2_compile.c"
        },
        "source": "https://github.com/pcre2project/pcre2/commit/7c49b40e8aed10cc2667dd3c4b7bb692d13ade2a",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "117830070775128279011952155861404518978",
                "301724993596358088212685145666150882560",
                "39920358135339226743147736293932035663",
                "71557052945412493880793540225677577445"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2022-41409-c4580d87",
        "signature_type": "Line"
    }
]