You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While using the checkmarx\kics image, our trivy scans are detecting CVE-2022-1586 in the latest version of KICS (v1.5.10).
This CVE is related to the PCRE2 library:
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
Submitting an issue for awareness and further investigation into KICS and potentially a patch.
The text was updated successfully, but these errors were encountered:
While using the checkmarx\kics image, our trivy scans are detecting CVE-2022-1586 in the latest version of KICS (v1.5.10).
This CVE is related to the PCRE2 library:
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
Submitting an issue for awareness and further investigation into KICS and potentially a patch.
The text was updated successfully, but these errors were encountered: