Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14155 | 4 Apple, Gitlab, Oracle and 1 more | 4 Macos, Gitlab, Communications Cloud Native Core Policy and 1 more | 2022-04-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | |||||
| CVE-2015-2326 | 2 Opensuse, Pcre | 2 Opensuse, Pcre | 2020-01-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/". | |||||
| CVE-2017-16231 | 1 Pcre | 1 Pcre | 2019-04-02 | 2.1 LOW | 5.5 MEDIUM |
| ** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used. | |||||
| CVE-2017-7244 | 1 Pcre | 1 Pcre | 2018-08-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file. | |||||