Pcre

Pcre

33 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2020-14155

  • EPSS 0.15%
  • Published 15.06.2020 17:15:10
  • Last modified 21.11.2024 05:02:45

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

7.5

CVE-2019-20838

  • EPSS 0.18%
  • Published 15.06.2020 17:15:09
  • Last modified 21.11.2024 04:39:29

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

5.5

CVE-2015-2326

Exploit
  • EPSS 0.3%
  • Published 14.01.2020 17:15:12
  • Last modified 21.11.2024 02:27:13

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call a...

7.8

CVE-2015-2325

Exploit
  • EPSS 0.57%
  • Published 14.01.2020 17:15:12
  • Last modified 21.11.2024 02:27:13

The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a gro...

5.5

CVE-2017-16231

Exploit
  • EPSS 0.1%
  • Published 21.03.2019 15:59:56
  • Last modified 21.11.2024 03:16:05

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that ca...

7.8

CVE-2017-11164

  • EPSS 0.27%
  • Published 11.07.2017 03:29:00
  • Last modified 20.04.2025 01:37:25

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

7.8

CVE-2017-7245

  • EPSS 0.44%
  • Published 23.03.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.

5.5

CVE-2017-7244

  • EPSS 0.76%
  • Published 23.03.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.

7.8

CVE-2017-7246

  • EPSS 0.36%
  • Published 23.03.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.

7.5

CVE-2017-7186

  • EPSS 4.97%
  • Published 20.03.2017 00:59:00
  • Last modified 20.04.2025 01:37:25

libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.