Lucene search

K

MitreCVELIST:CVE-2015-2326

HistoryJan 14, 2020 - 4:46 p.m.

CVE-2015-2326

2020-01-1416:46:57

mitre

www.cve.org

1

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by “((?+1)(\1))/”.

References

lists.opensuse.org/opensuse-updates/2015-05/msg00014.html

bugs.exim.org/show_bug.cgi?id=1592

fortiguard.com/zeroday/FG-VD-15-016

www.pcre.org/original/changelog.txt

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

Related for CVELIST:CVE-2015-2326

nvd1 f52 prion1 mariadbunix1 debiancve1 cve1 freebsd1 nessus23 securityvulns2 ubuntucve7 openvas11 ubuntu2 openwrt1 amazon4 slackware2 suse2 rosalinux1 veracode57 redhat1