Lucene search
HistoryDec 02, 2015 - 1:59 a.m.
CVE-2015-8395
pcre
cve-2015-8395
denial of service
regex
remote attackers
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.025
Percentile
90.2%
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8392.
Affected configurations
Node
pcreperl_compatible_regular_expression_libraryRange≤8.37
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pcre | perl_compatible_regular_expression_library | cpe:/a:pcre:perl_compatible_regular_expression_library:::: |
Related
debiancve
debiancve
cvelist
cvelist
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2015-12-02 01:59:00
Buffer overflow
2015-12-02 01:59:00
Buffer overflow
2015-12-02 01:59:00
nvd
nvd
cve
cve
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:34:19
Denial Of Service (DoS)
2019-05-02 05:34:18
Denial Of Service (DoS)
2019-05-02 05:34:19
fedora
fedora
[SECURITY] Fedora 22 Update: mingw-pcre-8.38-1.fc22
2016-02-17 04:25:54
[SECURITY] Fedora 23 Update: mingw-pcre-8.38-1.fc23
2016-02-17 04:01:55
nessus
nessus
Fedora 22 : mingw-pcre-8.38-1.fc22 (2016-f59a8ff5d0)
2016-03-04 00:00:00
Fedora 23 : mingw-pcre-8.38-1.fc23 (2016-fd1199dbe2)
2016-03-04 00:00:00
GLSA-201607-02 : libpcre: Multiple Vulnerabilities
2016-07-11 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities Perl Compatible Regular Expression (PCRE) libraries - IBM Aspera Shares Application
2019-07-10 10:10:01
f5
f5
K20225390 : Multiple PCRE vulnerabilities
2016-02-04 00:00:00
SOL20225390 - Multiple PCRE vulnerabilities
2016-02-04 00:00:00
K17235 : PCRE library vulnerability CVE-2015-3210
2015-09-08 00:00:00
gentoo
gentoo
libpcre: Multiple Vulnerabilities
2016-07-09 00:00:00
openwrt
openwrt
pcre: Security update (18 CVEs)
2016-01-28 12:40:02
rosalinux
rosalinux
Advisory ROSA-SA-2021-1947
2021-07-02 17:40:57
symantec
symantec
SA128 : Multiple PCRE Vulnerabilities
2016-07-07 08:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:2971-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:3161-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-2943-1)
2016-04-11 00:00:00
ubuntu
ubuntu
PCRE vulnerabilities
2016-03-29 00:00:00
redhat
redhat
(RHSA-2016:1132) Important: rh-mariadb100-mariadb security update
2016-05-26 08:10:09
suse
suse
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.025
Percentile
90.2%
Related for CVE-2015-8395