Lucene search

K
cve[email protected]CVE-2015-8395
HistoryDec 02, 2015 - 1:59 a.m.

CVE-2015-8395

2015-12-0201:59:19
CWE-119
web.nvd.nist.gov
51
pcre
cve-2015-8395
denial of service
regex
remote attackers

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.2%

PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8392.

Affected configurations

NVD
Node
pcreperl_compatible_regular_expression_libraryRange≤8.37

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.2%