Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-8382
HistoryDec 01, 2015 - 12:00 a.m.

CVE-2015-8382

2015-12-0100:00:00
ubuntu.com
ubuntu.com
10

0.05 Low

EPSS

Percentile

92.8%

JSON

The match function in pcre_exec.c in PCRE before 8.37 mishandles the
/(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/
pattern and related patterns involving (*ACCEPT), which allows remote
attackers to obtain sensitive information from process memory or cause a
denial of service (partially initialized memory and application crash) via
a crafted regular expression, as demonstrated by a JavaScript RegExp object
encountered by Konqueror, aka ZDI-CAN-2547.

Bugs

Notes

Author Note
tyhicks Issue affects PCRE3 only Marking ‘low’ since it requires PCRE to operate on untrusted regular expressions which is not very likely
mdeslaur 794589-information-disclosure.patch in jessie
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchpcre3< 8.12-4ubuntu0.2UNKNOWN
ubuntu14.04noarchpcre3< 1:8.31-2ubuntu2.2UNKNOWN
ubuntu15.10noarchpcre3< 2:8.35-7.1ubuntu1.3UNKNOWN

Related

cvelist 1
prion 1
debiancve 1
cve 1
ibm 6
f5 2
symantec 1
nessus 6
openwrt 1
ubuntu 1
openvas 7
suse 2
cvelist
cvelist
CVE-2015-8382
2015-12-02 01:00:00
prion
prion
Design/Logic Flaw
2015-12-02 01:59:00
debiancve
debiancve
CVE-2015-8382
2015-12-02 01:59:00
cve
cve
CVE-2015-8382
2015-12-02 01:59:05
ibm
ibm
Security Bulletin: IBM Netezza SQL Extensions is vulnerable to an OpenSource PCRE Vulnerability (CVE-2015-8380, CVE-2015-8382, CVE-2015-8391)
2019-10-18 03:10:29
Security Bulletin: Multiple vulnerabilities Perl Compatible Regular Expression (PCRE) libraries - IBM Aspera Shares Application
2019-07-10 10:10:01
Security Bulletin: Multiple vulnerabilities with the open source Perl Compatible Regular Expression (PCRE) libraries used in IBM Aspera Shares Application
2018-06-15 07:08:32
f5
f5
K20225390 : Multiple PCRE vulnerabilities
2016-02-04 00:00:00
SOL20225390 - Multiple PCRE vulnerabilities
2016-02-04 00:00:00
symantec
symantec
SA128 : Multiple PCRE Vulnerabilities
2016-07-07 08:00:00
nessus
nessus
F5 Networks BIG-IP : Multiple PCRE vulnerabilities (K20225390)
2016-08-02 00:00:00
SUSE SLED12 / SLES12 Security Update : pcre (SUSE-SU-2016:2971-1)
2016-12-05 00:00:00
Ubuntu 14.04 LTS : PCRE vulnerabilities (USN-2943-1)
2016-04-01 00:00:00
openwrt
openwrt
pcre: Security update (18 CVEs)
2016-01-28 12:40:02
ubuntu
ubuntu
PCRE vulnerabilities
2016-03-29 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:2971-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:3161-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-2943-1)
2016-04-11 00:00:00
suse
suse
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32

0.05 Low

EPSS

Percentile

92.8%

JSON
Related for UB:CVE-2015-8382
cvelist1prion1debiancve1cve1ibm6f52symantec1nessus6openwrt1ubuntu1openvas7suse2