CVE-2015-8389

2015-12-02T01:59:00
ID CVE-2015-8389
Type cve
Reporter cve@mitre.org
Modified 2017-07-01T01:29:00

Description

PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.