Lucene search
Ubuntu.comUB:CVE-2015-8395HistoryDec 01, 2015 - 12:00 a.m.
CVE-2015-8395
2015-12-0100:00:00
ubuntu.com
ubuntu.com
10
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
87.9%
PCRE before 8.38 mishandles certain references, which allows remote
attackers to cause a denial of service or possibly have unspecified other
impact via a crafted regular expression, as demonstrated by a JavaScript
RegExp object encountered by Konqueror, a related issue to CVE-2015-8384
and CVE-2015-8392.
Bugs
Notes
| Author | Note |
|---|---|
| tyhicks | Issue affects PCRE3 only Marking ‘low’ since it requires PCRE to operate on untrusted regular expressions which is not very likely |
| mdeslaur | introduced in 8.34 0001-Hack-in-yet-other-patch-for-a-bug-in-size-computatio.patch in jessie |
References
Related
debiancve
debiancve
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2015-12-02 01:59:00
Buffer overflow
2015-12-02 01:59:00
Buffer overflow
2015-12-02 01:59:00
cve
cve
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:34:19
Denial Of Service (DoS)
2019-05-02 05:34:18
Denial Of Service (DoS)
2019-05-02 05:34:19
f5
f5
K17235 : PCRE library vulnerability CVE-2015-3210
2015-09-08 00:00:00
SOL20225390 - Multiple PCRE vulnerabilities
2016-02-04 00:00:00
K20225390 : Multiple PCRE vulnerabilities
2016-02-04 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: mingw-pcre-8.38-1.fc22
2016-02-17 04:25:54
[SECURITY] Fedora 23 Update: mingw-pcre-8.38-1.fc23
2016-02-17 04:01:55
nessus
nessus
Fedora 23 : mingw-pcre-8.38-1.fc23 (2016-fd1199dbe2)
2016-03-04 00:00:00
Fedora 22 : mingw-pcre-8.38-1.fc22 (2016-f59a8ff5d0)
2016-03-04 00:00:00
GLSA-201607-02 : libpcre: Multiple Vulnerabilities
2016-07-11 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities Perl Compatible Regular Expression (PCRE) libraries - IBM Aspera Shares Application
2019-07-10 10:10:01
symantec
symantec
SA128 : Multiple PCRE Vulnerabilities
2016-07-07 08:00:00
openwrt
openwrt
pcre: Security update (18 CVEs)
2016-01-28 12:40:02
rosalinux
rosalinux
Advisory ROSA-SA-2021-1947
2021-07-02 17:40:57
gentoo
gentoo
libpcre: Multiple Vulnerabilities
2016-07-09 00:00:00
ubuntu
ubuntu
PCRE vulnerabilities
2016-03-29 00:00:00
openvas
openvas
Ubuntu Update for pcre3 USN-2943-1
2016-04-11 00:00:00
Tenable Nessus Multiple Vulnerabilities(tns-2018-08)
2018-06-15 00:00:00
redhat
redhat
(RHSA-2016:1132) Important: rh-mariadb100-mariadb security update
2016-05-26 08:10:09
suse
suse
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
87.9%
Related for UB:CVE-2015-8395