{"vulnerability": "CVE-2022-1586", "sightings": [{"uuid": "c8e95124-99fa-4814-a96d-c78e4dc4d245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1586", "type": "seen", "source": "Telegram/494dXOts6pnuxBA0gTGo8KIrbXMfa-WhTtWa-PpNiKGAFOv7", "content": "", "creation_timestamp": "2025-03-08T04:34:09.000000Z"}, {"uuid": "8ae6bcb0-ebf7-44bb-a6df-b5764032a923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1586", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3914", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-1586\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2022-05-16T21:15:07.793\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C\n2. https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C\n3. https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c\n4. https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/\n6. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/\n7. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/\n8. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/\n9. https://security.netapp.com/advisory/ntap-20221028-0009/\n10. https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C\n11. https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C\n12. https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c\n13. https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html\n14. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/\n15. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/\n16. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/\n17. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/\n18. https://security.netapp.com/advisory/ntap-20221028-0009/", "creation_timestamp": "2025-02-11T21:12:16.000000Z"}, {"uuid": "ed4e1712-8844-42c7-9b9b-5ccbf7a65066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1586", "type": "seen", "source": "https://t.me/poxek/2416", "content": "#CVE\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PCRE2\nCVE-2022-1586\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0449\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u0443 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0432 \u0441\u0442\u0438\u043b\u0435 Perl PCRE2 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u043c\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u043c\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 compile_xclass_matchingpath() \u0444\u0430\u0439\u043b\u0430 pcre2_jit_compile.c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u0435\u0440\u0435\u0434\u0430\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443 \u0447\u0442\u0435\u043d\u0438\u044f \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0433\u0440\u0430\u043d\u0438\u0446, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0442\u0438\u043f\u0430 \u00ab\u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb", "creation_timestamp": "2022-08-31T19:00:04.000000Z"}, {"uuid": "7f275a25-7c5a-47fe-87c4-8a8fb5055151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1586", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6657", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-1586\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.\n\ud83d\udccf Published: 2022-05-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T08:18:54.168Z\n\ud83d\udd17 References:\n1. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C\n3. https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C\n4. https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/\n6. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/\n7. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/\n8. https://security.netapp.com/advisory/ntap-20221028-0009/\n9. https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html", "creation_timestamp": "2025-03-06T08:37:19.000000Z"}, {"uuid": "51992078-00a4-4c80-b0ca-f5ed2bd01fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1586", "type": "seen", "source": "Telegram/ZNMWTqvEmQQumIDjsgEHtsV5V1DvYdUYGG7fseDLCIq0adXd", "content": "", "creation_timestamp": "2025-02-14T10:04:00.000000Z"}, {"uuid": "b8627ff3-70ad-42c7-a99f-f0279c087108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1586", "type": "seen", "source": "https://t.me/cibsecurity/42781", "content": "\u203c CVE-2022-1586 \u203c\n\nAn out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T00:26:40.000000Z"}]}