9 matches found
Out-of-bounds
The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...
CVE-2015-3217
PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...
Fedora 22 : pcre-8.37-7.fc22 (2015-afafa29551)
This release fixes CVE-2015-8380 a heap-based buffer overflow in pcreexec when ovector has size 1. ---- This release fixes a crash when compiling an expression with long MARK or THEN names. It also fixes compiling a POSIX character class followed by a single ASCII character in a class item while...
Fedora 22 : pcre-8.37-4.fc22 (2015-14235)
This release fixes a heap overflow when compiling certain regular expressions with named refecences. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
[SECURITY] Fedora 22 Update: pcre-8.37-4.fc22
Perl-compatible regular expression library. PCRE has its own native API, but a set of "wrapper" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow...
[SECURITY] Fedora 23 Update: pcre-8.37-4.fc23
Perl-compatible regular expression library. PCRE has its own native API, but a set of "wrapper" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow...
Fedora 22 : pcre-8.37-3.fc22 (2015-12921)
This release fixes buffer overflows when compiling certain expressions. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
[SECURITY] Fedora 22 Update: pcre-8.37-3.fc22
Perl-compatible regular expression library. PCRE has its own native API, but a set of "wrapper" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow...
[SECURITY] Fedora 22 Update: pcre-8.37-2.fc22
Perl-compatible regular expression library. PCRE has its own native API, but a set of "wrapper" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow...