Pcre Perl Compatible Regular Expression Library
By the Year
In 2024 there have been 0 vulnerabilities in Pcre Perl Compatible Regular Expression Library . Perl Compatible Regular Expression Library did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Perl Compatible Regular Expression Library vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Pcre Perl Compatible Regular Expression Library Security Vulnerabilities
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which
CVE-2015-8394
9.8 - Critical
- December 02, 2015
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Integer Overflow or Wraparound
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which
CVE-2015-8390
9.8 - Critical
- December 02, 2015
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Use of Uninitialized Resource
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which
CVE-2015-8389
9.8 - Critical
- December 02, 2015
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Buffer Overflow
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which
CVE-2015-8387
7.3 - High
- December 02, 2015
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Integer Overflow or Wraparound
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which
CVE-2015-8386
9.8 - Critical
- December 02, 2015
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Buffer Overflow
PCRE before 8.38 mishandles certain repeated conditional groups, which
CVE-2015-8383
9.8 - Critical
- December 02, 2015
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Buffer Overflow
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script
CVE-2015-8393
7.5 - High
- December 02, 2015
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHP or by Pcre? Click the Watch button to subscribe.
