Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-58050 (GCVE-0-2025-58050)
Vulnerability from cvelistv5 – Published: 2025-08-27 18:47 – Updated: 2025-08-27 19:14
VLAI?
EPSS
Title
PCRE2: heap-buffer-overflow read in match_ref due to missing boundary restoration in SCS
Summary
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.
Severity ?
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PCRE2Project | pcre2 |
Affected:
= 10.45
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58050",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-27T19:14:21.101932Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T19:14:38.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "pcre2",
"vendor": "PCRE2Project",
"versions": [
{
"status": "affected",
"version": "= 10.45"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T18:47:35.041Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2"
},
{
"name": "https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254"
},
{
"name": "https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46"
}
],
"source": {
"advisory": "GHSA-c2gv-xgf5-5cc2",
"discovery": "UNKNOWN"
},
"title": "PCRE2: heap-buffer-overflow read in match_ref due to missing boundary restoration in SCS"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58050",
"datePublished": "2025-08-27T18:47:35.041Z",
"dateReserved": "2025-08-22T14:30:32.221Z",
"dateUpdated": "2025-08-27T19:14:38.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-58050",
"date": "2026-04-22",
"epss": "0.00034",
"percentile": "0.09886"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-58050\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-08-27T19:15:37.560\",\"lastModified\":\"2025-09-09T15:27:39.573\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.\"},{\"lang\":\"es\",\"value\":\"La librer\u00eda PCRE2 es un conjunto de funciones de C que implementan la coincidencia de patrones con expresiones regulares. En la versi\u00f3n 10.45, existe una vulnerabilidad de lectura por desbordamiento de b\u00fafer de mont\u00f3n en el motor de coincidencia de expresiones regulares de PCRE2, espec\u00edficamente en la gesti\u00f3n del verbo (*scs:...) (Scan SubString) al combinarse con (*ACCEPT) en src/pcre2_match.c. Esta vulnerabilidad podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n si los datos fuera de los l\u00edmites le\u00eddos durante la memcmp afectan el resultado final de la coincidencia de forma observable para el atacante. Este problema se ha resuelto en la versi\u00f3n 10.46.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"},{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pcre:pcre2:10.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CD0797B-DF92-41CB-B392-0442CCC30E7B\"}]}]}],\"references\":[{\"url\":\"https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-58050\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-27T19:14:21.101932Z\"}}}], \"references\": [{\"url\": \"https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-27T18:57:33.716Z\"}}], \"cna\": {\"title\": \"PCRE2: heap-buffer-overflow read in match_ref due to missing boundary restoration in SCS\", \"source\": {\"advisory\": \"GHSA-c2gv-xgf5-5cc2\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 6.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"PCRE2Project\", \"product\": \"pcre2\", \"versions\": [{\"status\": \"affected\", \"version\": \"= 10.45\"}]}], \"references\": [{\"url\": \"https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2\", \"name\": \"https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254\", \"name\": \"https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46\", \"name\": \"https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125: Out-of-bounds Read\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-08-27T18:47:35.041Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-58050\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-27T19:14:38.145Z\", \"dateReserved\": \"2025-08-22T14:30:32.221Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-08-27T18:47:35.041Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
BDU:2025-12592
Vulnerability from fstec - Published: 27.08.2025
VLAI Severity ?
Title
Уязвимость библиотеки регулярных выражений PCRE2, связанная с чтением за границами буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальной информации
Description
Уязвимость библиотеки регулярных выражений PCRE2 связана с чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить доступ к конфиденциальной информации
Severity ?
Vendor
ООО «Ред Софт», Philip Hazel
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), PCRE2
Software Version
7.3 (РЕД ОС), 2.10.45 (PCRE2)
Possible Mitigations
Использование рекомендаций производителя:
https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Reference
https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254
https://redos.red-soft.ru/support/secure/
CWE
CWE-125
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, Philip Hazel",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), 2.10.45 (PCRE2)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.08.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.10.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "08.10.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-12592",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-58050",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), PCRE2",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 PCRE2, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 PCRE2 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254\nhttps://redos.red-soft.ru/support/secure/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,4)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,1)"
}
SUSE-SU-2026:21094-1
Vulnerability from csaf_suse - Published: 2026-04-10 18:27 - Updated: 2026-04-10 18:27Summary
Security update for pcre2
Severity
Moderate
Notes
Title of the patch: Security update for pcre2
Description of the patch: This update for pcre2 fixes the following issue:
- CVE-2025-58050: integer overflow leads to heap buffer overread in match_ref due to missing boundary restoration in SCS
(bsc#1248842).
Patchnames: SUSE-SL-Micro-6.2-528
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pcre2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pcre2 fixes the following issue:\n\n- CVE-2025-58050: integer overflow leads to heap buffer overread in match_ref due to missing boundary restoration in SCS\n (bsc#1248842).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-528",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21094-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21094-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621094-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21094-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045590.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248842",
"url": "https://bugzilla.suse.com/1248842"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58050/"
}
],
"title": "Security update for pcre2",
"tracking": {
"current_release_date": "2026-04-10T18:27:30Z",
"generator": {
"date": "2026-04-10T18:27:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21094-1",
"initial_release_date": "2026-04-10T18:27:30Z",
"revision_history": [
{
"date": "2026-04-10T18:27:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.aarch64",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.aarch64",
"product_id": "libpcre2-8-0-10.45-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.ppc64le",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.ppc64le",
"product_id": "libpcre2-8-0-10.45-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.s390x",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.s390x",
"product_id": "libpcre2-8-0-10.45-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.x86_64",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.x86_64",
"product_id": "libpcre2-8-0-10.45-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58050"
}
],
"notes": [
{
"category": "general",
"text": "The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58050",
"url": "https://www.suse.com/security/cve/CVE-2025-58050"
},
{
"category": "external",
"summary": "SUSE Bug 1248825 for CVE-2025-58050",
"url": "https://bugzilla.suse.com/1248825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libpcre2-8-0-10.45-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-10T18:27:30Z",
"details": "moderate"
}
],
"title": "CVE-2025-58050"
}
]
}
SUSE-SU-2026:21172-1
Vulnerability from csaf_suse - Published: 2026-04-10 18:27 - Updated: 2026-04-10 18:27Summary
Security update for pcre2
Severity
Moderate
Notes
Title of the patch: Security update for pcre2
Description of the patch: This update for pcre2 fixes the following issue:
- CVE-2025-58050: integer overflow leads to heap buffer overread in match_ref due to missing boundary restoration in SCS
(bsc#1248842).
Patchnames: SUSE-SLES-16.0-528
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pcre2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pcre2 fixes the following issue:\n\n- CVE-2025-58050: integer overflow leads to heap buffer overread in match_ref due to missing boundary restoration in SCS\n (bsc#1248842).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-528",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21172-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21172-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621172-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21172-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025531.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248842",
"url": "https://bugzilla.suse.com/1248842"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58050/"
}
],
"title": "Security update for pcre2",
"tracking": {
"current_release_date": "2026-04-10T18:27:30Z",
"generator": {
"date": "2026-04-10T18:27:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21172-1",
"initial_release_date": "2026-04-10T18:27:30Z",
"revision_history": [
{
"date": "2026-04-10T18:27:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.45-160000.3.1.aarch64",
"product": {
"name": "libpcre2-16-0-10.45-160000.3.1.aarch64",
"product_id": "libpcre2-16-0-10.45-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.45-160000.3.1.aarch64",
"product": {
"name": "libpcre2-32-0-10.45-160000.3.1.aarch64",
"product_id": "libpcre2-32-0-10.45-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.aarch64",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.aarch64",
"product_id": "libpcre2-8-0-10.45-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.45-160000.3.1.aarch64",
"product": {
"name": "libpcre2-posix3-10.45-160000.3.1.aarch64",
"product_id": "libpcre2-posix3-10.45-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.45-160000.3.1.aarch64",
"product": {
"name": "pcre2-devel-10.45-160000.3.1.aarch64",
"product_id": "pcre2-devel-10.45-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.45-160000.3.1.aarch64",
"product": {
"name": "pcre2-devel-static-10.45-160000.3.1.aarch64",
"product_id": "pcre2-devel-static-10.45-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.45-160000.3.1.aarch64",
"product": {
"name": "pcre2-tools-10.45-160000.3.1.aarch64",
"product_id": "pcre2-tools-10.45-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcre2-doc-10.45-160000.3.1.noarch",
"product": {
"name": "pcre2-doc-10.45-160000.3.1.noarch",
"product_id": "pcre2-doc-10.45-160000.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.45-160000.3.1.ppc64le",
"product": {
"name": "libpcre2-16-0-10.45-160000.3.1.ppc64le",
"product_id": "libpcre2-16-0-10.45-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.45-160000.3.1.ppc64le",
"product": {
"name": "libpcre2-32-0-10.45-160000.3.1.ppc64le",
"product_id": "libpcre2-32-0-10.45-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.ppc64le",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.ppc64le",
"product_id": "libpcre2-8-0-10.45-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.45-160000.3.1.ppc64le",
"product": {
"name": "libpcre2-posix3-10.45-160000.3.1.ppc64le",
"product_id": "libpcre2-posix3-10.45-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.45-160000.3.1.ppc64le",
"product": {
"name": "pcre2-devel-10.45-160000.3.1.ppc64le",
"product_id": "pcre2-devel-10.45-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.45-160000.3.1.ppc64le",
"product": {
"name": "pcre2-devel-static-10.45-160000.3.1.ppc64le",
"product_id": "pcre2-devel-static-10.45-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.45-160000.3.1.ppc64le",
"product": {
"name": "pcre2-tools-10.45-160000.3.1.ppc64le",
"product_id": "pcre2-tools-10.45-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.45-160000.3.1.s390x",
"product": {
"name": "libpcre2-16-0-10.45-160000.3.1.s390x",
"product_id": "libpcre2-16-0-10.45-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.45-160000.3.1.s390x",
"product": {
"name": "libpcre2-32-0-10.45-160000.3.1.s390x",
"product_id": "libpcre2-32-0-10.45-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.s390x",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.s390x",
"product_id": "libpcre2-8-0-10.45-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.45-160000.3.1.s390x",
"product": {
"name": "libpcre2-posix3-10.45-160000.3.1.s390x",
"product_id": "libpcre2-posix3-10.45-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.45-160000.3.1.s390x",
"product": {
"name": "pcre2-devel-10.45-160000.3.1.s390x",
"product_id": "pcre2-devel-10.45-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.45-160000.3.1.s390x",
"product": {
"name": "pcre2-devel-static-10.45-160000.3.1.s390x",
"product_id": "pcre2-devel-static-10.45-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.45-160000.3.1.s390x",
"product": {
"name": "pcre2-tools-10.45-160000.3.1.s390x",
"product_id": "pcre2-tools-10.45-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.45-160000.3.1.x86_64",
"product": {
"name": "libpcre2-16-0-10.45-160000.3.1.x86_64",
"product_id": "libpcre2-16-0-10.45-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.45-160000.3.1.x86_64",
"product": {
"name": "libpcre2-32-0-10.45-160000.3.1.x86_64",
"product_id": "libpcre2-32-0-10.45-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.45-160000.3.1.x86_64",
"product": {
"name": "libpcre2-8-0-10.45-160000.3.1.x86_64",
"product_id": "libpcre2-8-0-10.45-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.45-160000.3.1.x86_64",
"product": {
"name": "libpcre2-posix3-10.45-160000.3.1.x86_64",
"product_id": "libpcre2-posix3-10.45-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.45-160000.3.1.x86_64",
"product": {
"name": "pcre2-devel-10.45-160000.3.1.x86_64",
"product_id": "pcre2-devel-10.45-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.45-160000.3.1.x86_64",
"product": {
"name": "pcre2-devel-static-10.45-160000.3.1.x86_64",
"product_id": "pcre2-devel-static-10.45-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.45-160000.3.1.x86_64",
"product": {
"name": "pcre2-tools-10.45-160000.3.1.x86_64",
"product_id": "pcre2-tools-10.45-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.aarch64"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.ppc64le"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.s390x"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.x86_64"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.s390x"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-doc-10.45-160000.3.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-doc-10.45-160000.3.1.noarch"
},
"product_reference": "pcre2-doc-10.45-160000.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.aarch64"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.ppc64le"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.s390x"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.x86_64"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-16-0-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-32-0-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-8-0-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.s390x"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64"
},
"product_reference": "libpcre2-posix3-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.aarch64"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.ppc64le"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.s390x"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.x86_64"
},
"product_reference": "pcre2-devel-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.s390x"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64"
},
"product_reference": "pcre2-devel-static-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-doc-10.45-160000.3.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-doc-10.45-160000.3.1.noarch"
},
"product_reference": "pcre2-doc-10.45-160000.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.aarch64"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.ppc64le"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.s390x"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.45-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.x86_64"
},
"product_reference": "pcre2-tools-10.45-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58050"
}
],
"notes": [
{
"category": "general",
"text": "The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-doc-10.45-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-doc-10.45-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58050",
"url": "https://www.suse.com/security/cve/CVE-2025-58050"
},
{
"category": "external",
"summary": "SUSE Bug 1248825 for CVE-2025-58050",
"url": "https://bugzilla.suse.com/1248825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-doc-10.45-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-doc-10.45-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:pcre2-doc-10.45-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:pcre2-tools-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-16-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-32-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-8-0-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libpcre2-posix3-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-devel-static-10.45-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-doc-10.45-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:pcre2-tools-10.45-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-10T18:27:30Z",
"details": "moderate"
}
],
"title": "CVE-2025-58050"
}
]
}
OPENSUSE-SU-2025:15501-1
Vulnerability from csaf_opensuse - Published: 2025-08-29 00:00 - Updated: 2025-08-29 00:00Summary
libpcre2-16-0-10.46-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libpcre2-16-0-10.46-1.1 on GA media
Description of the patch: These are all security issues fixed in the libpcre2-16-0-10.46-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15501
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libpcre2-16-0-10.46-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libpcre2-16-0-10.46-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15501",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15501-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58050/"
}
],
"title": "libpcre2-16-0-10.46-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-29T00:00:00Z",
"generator": {
"date": "2025-08-29T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15501-1",
"initial_release_date": "2025-08-29T00:00:00Z",
"revision_history": [
{
"date": "2025-08-29T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-16-0-10.46-1.1.aarch64",
"product_id": "libpcre2-16-0-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-16-0-32bit-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-16-0-32bit-10.46-1.1.aarch64",
"product_id": "libpcre2-16-0-32bit-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-32-0-10.46-1.1.aarch64",
"product_id": "libpcre2-32-0-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-32bit-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-32-0-32bit-10.46-1.1.aarch64",
"product_id": "libpcre2-32-0-32bit-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-8-0-10.46-1.1.aarch64",
"product_id": "libpcre2-8-0-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-32bit-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-8-0-32bit-10.46-1.1.aarch64",
"product_id": "libpcre2-8-0-32bit-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-posix3-10.46-1.1.aarch64",
"product_id": "libpcre2-posix3-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-32bit-10.46-1.1.aarch64",
"product": {
"name": "libpcre2-posix3-32bit-10.46-1.1.aarch64",
"product_id": "libpcre2-posix3-32bit-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.46-1.1.aarch64",
"product": {
"name": "pcre2-devel-10.46-1.1.aarch64",
"product_id": "pcre2-devel-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.46-1.1.aarch64",
"product": {
"name": "pcre2-devel-static-10.46-1.1.aarch64",
"product_id": "pcre2-devel-static-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pcre2-doc-10.46-1.1.aarch64",
"product": {
"name": "pcre2-doc-10.46-1.1.aarch64",
"product_id": "pcre2-doc-10.46-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.46-1.1.aarch64",
"product": {
"name": "pcre2-tools-10.46-1.1.aarch64",
"product_id": "pcre2-tools-10.46-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-16-0-10.46-1.1.ppc64le",
"product_id": "libpcre2-16-0-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-16-0-32bit-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-16-0-32bit-10.46-1.1.ppc64le",
"product_id": "libpcre2-16-0-32bit-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-32-0-10.46-1.1.ppc64le",
"product_id": "libpcre2-32-0-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-32bit-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-32-0-32bit-10.46-1.1.ppc64le",
"product_id": "libpcre2-32-0-32bit-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-8-0-10.46-1.1.ppc64le",
"product_id": "libpcre2-8-0-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-32bit-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-8-0-32bit-10.46-1.1.ppc64le",
"product_id": "libpcre2-8-0-32bit-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-posix3-10.46-1.1.ppc64le",
"product_id": "libpcre2-posix3-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-32bit-10.46-1.1.ppc64le",
"product": {
"name": "libpcre2-posix3-32bit-10.46-1.1.ppc64le",
"product_id": "libpcre2-posix3-32bit-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.46-1.1.ppc64le",
"product": {
"name": "pcre2-devel-10.46-1.1.ppc64le",
"product_id": "pcre2-devel-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.46-1.1.ppc64le",
"product": {
"name": "pcre2-devel-static-10.46-1.1.ppc64le",
"product_id": "pcre2-devel-static-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pcre2-doc-10.46-1.1.ppc64le",
"product": {
"name": "pcre2-doc-10.46-1.1.ppc64le",
"product_id": "pcre2-doc-10.46-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.46-1.1.ppc64le",
"product": {
"name": "pcre2-tools-10.46-1.1.ppc64le",
"product_id": "pcre2-tools-10.46-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.46-1.1.s390x",
"product": {
"name": "libpcre2-16-0-10.46-1.1.s390x",
"product_id": "libpcre2-16-0-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-16-0-32bit-10.46-1.1.s390x",
"product": {
"name": "libpcre2-16-0-32bit-10.46-1.1.s390x",
"product_id": "libpcre2-16-0-32bit-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.46-1.1.s390x",
"product": {
"name": "libpcre2-32-0-10.46-1.1.s390x",
"product_id": "libpcre2-32-0-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-32bit-10.46-1.1.s390x",
"product": {
"name": "libpcre2-32-0-32bit-10.46-1.1.s390x",
"product_id": "libpcre2-32-0-32bit-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.46-1.1.s390x",
"product": {
"name": "libpcre2-8-0-10.46-1.1.s390x",
"product_id": "libpcre2-8-0-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-32bit-10.46-1.1.s390x",
"product": {
"name": "libpcre2-8-0-32bit-10.46-1.1.s390x",
"product_id": "libpcre2-8-0-32bit-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.46-1.1.s390x",
"product": {
"name": "libpcre2-posix3-10.46-1.1.s390x",
"product_id": "libpcre2-posix3-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-32bit-10.46-1.1.s390x",
"product": {
"name": "libpcre2-posix3-32bit-10.46-1.1.s390x",
"product_id": "libpcre2-posix3-32bit-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.46-1.1.s390x",
"product": {
"name": "pcre2-devel-10.46-1.1.s390x",
"product_id": "pcre2-devel-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.46-1.1.s390x",
"product": {
"name": "pcre2-devel-static-10.46-1.1.s390x",
"product_id": "pcre2-devel-static-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pcre2-doc-10.46-1.1.s390x",
"product": {
"name": "pcre2-doc-10.46-1.1.s390x",
"product_id": "pcre2-doc-10.46-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.46-1.1.s390x",
"product": {
"name": "pcre2-tools-10.46-1.1.s390x",
"product_id": "pcre2-tools-10.46-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpcre2-16-0-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-16-0-10.46-1.1.x86_64",
"product_id": "libpcre2-16-0-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-16-0-32bit-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-16-0-32bit-10.46-1.1.x86_64",
"product_id": "libpcre2-16-0-32bit-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-32-0-10.46-1.1.x86_64",
"product_id": "libpcre2-32-0-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-32-0-32bit-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-32-0-32bit-10.46-1.1.x86_64",
"product_id": "libpcre2-32-0-32bit-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-8-0-10.46-1.1.x86_64",
"product_id": "libpcre2-8-0-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-8-0-32bit-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-8-0-32bit-10.46-1.1.x86_64",
"product_id": "libpcre2-8-0-32bit-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-posix3-10.46-1.1.x86_64",
"product_id": "libpcre2-posix3-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpcre2-posix3-32bit-10.46-1.1.x86_64",
"product": {
"name": "libpcre2-posix3-32bit-10.46-1.1.x86_64",
"product_id": "libpcre2-posix3-32bit-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-10.46-1.1.x86_64",
"product": {
"name": "pcre2-devel-10.46-1.1.x86_64",
"product_id": "pcre2-devel-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pcre2-devel-static-10.46-1.1.x86_64",
"product": {
"name": "pcre2-devel-static-10.46-1.1.x86_64",
"product_id": "pcre2-devel-static-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pcre2-doc-10.46-1.1.x86_64",
"product": {
"name": "pcre2-doc-10.46-1.1.x86_64",
"product_id": "pcre2-doc-10.46-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pcre2-tools-10.46-1.1.x86_64",
"product": {
"name": "pcre2-tools-10.46-1.1.x86_64",
"product_id": "pcre2-tools-10.46-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-16-0-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-16-0-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x"
},
"product_reference": "libpcre2-16-0-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-16-0-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-16-0-32bit-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-16-0-32bit-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x"
},
"product_reference": "libpcre2-16-0-32bit-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-16-0-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-16-0-32bit-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-32-0-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-32-0-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x"
},
"product_reference": "libpcre2-32-0-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-32-0-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-32-0-32bit-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-32-0-32bit-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x"
},
"product_reference": "libpcre2-32-0-32bit-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-32-0-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-32-0-32bit-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-8-0-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-8-0-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x"
},
"product_reference": "libpcre2-8-0-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-8-0-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-8-0-32bit-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-8-0-32bit-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x"
},
"product_reference": "libpcre2-8-0-32bit-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-8-0-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-8-0-32bit-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-posix3-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-posix3-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x"
},
"product_reference": "libpcre2-posix3-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-posix3-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-32bit-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64"
},
"product_reference": "libpcre2-posix3-32bit-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-32bit-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le"
},
"product_reference": "libpcre2-posix3-32bit-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-32bit-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x"
},
"product_reference": "libpcre2-posix3-32bit-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpcre2-posix3-32bit-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64"
},
"product_reference": "libpcre2-posix3-32bit-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64"
},
"product_reference": "pcre2-devel-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le"
},
"product_reference": "pcre2-devel-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x"
},
"product_reference": "pcre2-devel-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64"
},
"product_reference": "pcre2-devel-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64"
},
"product_reference": "pcre2-devel-static-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le"
},
"product_reference": "pcre2-devel-static-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x"
},
"product_reference": "pcre2-devel-static-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-devel-static-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64"
},
"product_reference": "pcre2-devel-static-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-doc-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64"
},
"product_reference": "pcre2-doc-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-doc-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le"
},
"product_reference": "pcre2-doc-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-doc-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x"
},
"product_reference": "pcre2-doc-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-doc-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64"
},
"product_reference": "pcre2-doc-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.46-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64"
},
"product_reference": "pcre2-tools-10.46-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.46-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le"
},
"product_reference": "pcre2-tools-10.46-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.46-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x"
},
"product_reference": "pcre2-tools-10.46-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcre2-tools-10.46-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
},
"product_reference": "pcre2-tools-10.46-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58050"
}
],
"notes": [
{
"category": "general",
"text": "The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58050",
"url": "https://www.suse.com/security/cve/CVE-2025-58050"
},
{
"category": "external",
"summary": "SUSE Bug 1248825 for CVE-2025-58050",
"url": "https://bugzilla.suse.com/1248825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-16-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-16-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-32-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-32-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-8-0-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-8-0-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-posix3-10.46-1.1.x86_64",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.aarch64",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.s390x",
"openSUSE Tumbleweed:libpcre2-posix3-32bit-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-devel-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-devel-static-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-doc-10.46-1.1.x86_64",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.aarch64",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.ppc64le",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.s390x",
"openSUSE Tumbleweed:pcre2-tools-10.46-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-29T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58050"
}
]
}
WID-SEC-W-2025-2034
Vulnerability from csaf_certbund - Published: 2025-09-10 22:00 - Updated: 2026-01-05 23:00Summary
Erlang/OTP: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Erlang/OTP (Open Telecom Platform) ist eine Sammlung von Bibliotheken und Tools, die auf der Programmiersprache Erlang basieren und für den Aufbau skalierbarer, fehlertoleranter und verteilter Systeme entwickelt wurden.
Angriff: Ein entfernter authentisierter Angreifer oder anonymer Angreifer kann mehrere Schwachstellen in Erlang/OTP ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Erlang/OTP (Open Telecom Platform) ist eine Sammlung von Bibliotheken und Tools, die auf der Programmiersprache Erlang basieren und f\u00fcr den Aufbau skalierbarer, fehlertoleranter und verteilter Systeme entwickelt wurden.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter authentisierter Angreifer oder anonymer Angreifer kann mehrere Schwachstellen in Erlang/OTP ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2034 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2034.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2034 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2034"
},
{
"category": "external",
"summary": "Patch Package OTP 28.0.3 Released vom 2025-09-10",
"url": "https://erlangforums.com/t/patch-package-otp-28-0-3-released"
},
{
"category": "external",
"summary": "erlang/otp GitHub vom 2025-09-10",
"url": "https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7777-1 vom 2025-09-25",
"url": "https://ubuntu.com/security/notices/USN-7777-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7831-1 vom 2025-10-21",
"url": "https://ubuntu.com/security/notices/USN-7831-1"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-5905C468D2 vom 2025-10-23",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-5905c468d2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3807-1 vom 2025-10-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V5QYQCCTUV25RUNMQQOBIC7TJ273LISJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3807-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023037.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4035-1 vom 2025-11-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023197.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15740-1 vom 2025-11-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EOMCTYWFTYTVAWWSTPGYIZMBUTU37XCN/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4376 vom 2025-11-24",
"url": "https://lists.debian.org/debian-lts-announce/2025/11/msg00019.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0023-1 vom 2026-01-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023684.html"
}
],
"source_lang": "en-US",
"title": "Erlang/OTP: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-05T23:00:00.000+00:00",
"generator": {
"date": "2026-01-06T08:35:30.715+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2034",
"initial_release_date": "2025-09-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-09-11T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-27676, EUVD-2025-27678, EUVD-2025-27677, EUVD-2025-27679"
},
{
"date": "2025-09-25T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-10T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "10"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c28.0.3",
"product": {
"name": "Open Source Erlang/OTP \u003c28.0.3",
"product_id": "T046922"
}
},
{
"category": "product_version",
"name": "28.0.3",
"product": {
"name": "Open Source Erlang/OTP 28.0.3",
"product_id": "T046922-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:erlang:erlang%2fotp:28.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c27.3.4.3",
"product": {
"name": "Open Source Erlang/OTP \u003c27.3.4.3",
"product_id": "T046923"
}
},
{
"category": "product_version",
"name": "27.3.4.3",
"product": {
"name": "Open Source Erlang/OTP 27.3.4.3",
"product_id": "T046923-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:erlang:erlang%2fotp:27.3.4.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c26.2.5.15",
"product": {
"name": "Open Source Erlang/OTP \u003c26.2.5.15",
"product_id": "T046924"
}
},
{
"category": "product_version",
"name": "26.2.5.15",
"product": {
"name": "Open Source Erlang/OTP 26.2.5.15",
"product_id": "T046924-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:erlang:erlang%2fotp:26.2.5.15"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.3.3",
"product": {
"name": "Open Source Erlang/OTP \u003c5.3.3",
"product_id": "T046925"
}
},
{
"category": "product_version",
"name": "5.3.3",
"product": {
"name": "Open Source Erlang/OTP 5.3.3",
"product_id": "T046925-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:erlang:erlang%2fotp:5.3.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.2.11.3",
"product": {
"name": "Open Source Erlang/OTP \u003c5.2.11.3",
"product_id": "T046926"
}
},
{
"category": "product_version",
"name": "5.2.11.3",
"product": {
"name": "Open Source Erlang/OTP 5.2.11.3",
"product_id": "T046926-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:erlang:erlang%2fotp:5.2.11.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.1.4.12",
"product": {
"name": "Open Source Erlang/OTP \u003c5.1.4.12",
"product_id": "T046927"
}
},
{
"category": "product_version",
"name": "5.1.4.12",
"product": {
"name": "Open Source Erlang/OTP 5.1.4.12",
"product_id": "T046927-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:erlang:erlang%2fotp:5.1.4.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c16.0.3",
"product": {
"name": "Open Source Erlang/OTP \u003c16.0.3",
"product_id": "T046928"
}
},
{
"category": "product_version",
"name": "16.0.3",
"product": {
"name": "Open Source Erlang/OTP 16.0.3",
"product_id": "T046928-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:erlang:erlang%2fotp:16.0.3"
}
}
}
],
"category": "product_name",
"name": "Erlang/OTP"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48038",
"product_status": {
"known_affected": [
"T046922",
"2951",
"T002207",
"T046925",
"T046926",
"T000126",
"T046923",
"T046924",
"T027843",
"T046927",
"T046928",
"74185"
]
},
"release_date": "2025-09-10T22:00:00.000+00:00",
"title": "CVE-2025-48038"
},
{
"cve": "CVE-2025-48039",
"product_status": {
"known_affected": [
"T046922",
"2951",
"T002207",
"T046925",
"T046926",
"T000126",
"T046923",
"T046924",
"T027843",
"T046927",
"T046928",
"74185"
]
},
"release_date": "2025-09-10T22:00:00.000+00:00",
"title": "CVE-2025-48039"
},
{
"cve": "CVE-2025-48040",
"product_status": {
"known_affected": [
"T046922",
"2951",
"T002207",
"T046925",
"T046926",
"T000126",
"T046923",
"T046924",
"T027843",
"T046927",
"T046928",
"74185"
]
},
"release_date": "2025-09-10T22:00:00.000+00:00",
"title": "CVE-2025-48040"
},
{
"cve": "CVE-2025-48041",
"product_status": {
"known_affected": [
"T046922",
"2951",
"T002207",
"T046925",
"T046926",
"T000126",
"T046923",
"T046924",
"T027843",
"T046927",
"T046928",
"74185"
]
},
"release_date": "2025-09-10T22:00:00.000+00:00",
"title": "CVE-2025-48041"
},
{
"cve": "CVE-2025-58050",
"product_status": {
"known_affected": [
"T046922",
"2951",
"T002207",
"T000126",
"T027843",
"T046928",
"74185"
]
},
"release_date": "2025-09-10T22:00:00.000+00:00",
"title": "CVE-2025-58050"
}
]
}
FKIE_CVE-2025-58050
Vulnerability from fkie_nvd - Published: 2025-08-27 19:15 - Updated: 2025-09-09 15:27
Severity ?
Summary
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254 | Patch | |
| security-advisories@github.com | https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46 | Release Notes | |
| security-advisories@github.com | https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2 | Exploit, Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2 | Exploit, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pcre:pcre2:10.45:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD0797B-DF92-41CB-B392-0442CCC30E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46."
},
{
"lang": "es",
"value": "La librer\u00eda PCRE2 es un conjunto de funciones de C que implementan la coincidencia de patrones con expresiones regulares. En la versi\u00f3n 10.45, existe una vulnerabilidad de lectura por desbordamiento de b\u00fafer de mont\u00f3n en el motor de coincidencia de expresiones regulares de PCRE2, espec\u00edficamente en la gesti\u00f3n del verbo (*scs:...) (Scan SubString) al combinarse con (*ACCEPT) en src/pcre2_match.c. Esta vulnerabilidad podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n si los datos fuera de los l\u00edmites le\u00eddos durante la memcmp afectan el resultado final de la coincidencia de forma observable para el atacante. Este problema se ha resuelto en la versi\u00f3n 10.46."
}
],
"id": "CVE-2025-58050",
"lastModified": "2025-09-09T15:27:39.573",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-08-27T19:15:37.560",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
},
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…