Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-2326
HistoryJan 14, 2020 - 5:15 p.m.

CVE-2015-2326

2020-01-1417:15:12
CWE-125
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

JSON

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by “((?+1)(\1))/”.

Affected configurations

NVD
Node
pcrepcreRange<8.37
Node
opensuseopensuseMatch13.1
OR
opensuseopensuseMatch13.2
Node
mariadbmariadbRange10.0.010.0.18
Node
phpphpRange5.4.05.4.41
OR
phpphpRange5.5.05.5.26
OR
phpphpRange5.6.05.6.9

Related

f5 2
cve 1
prion 1
mariadbunix 1
debiancve 1
cvelist 1
freebsd 1
nessus 23
securityvulns 2
ubuntucve 7
openvas 11
ubuntu 2
openwrt 1
amazon 4
slackware 2
suse 2
rosalinux 1
veracode 57
redhat 1
f5
f5
K16984 : PCRE library vulnerability CVE-2015-2326
2015-07-17 00:00:00
SOL16984 - PCRE library vulnerability CVE-2015-2326
2015-07-17 00:00:00
cve
cve
CVE-2015-2326
2020-01-14 17:15:12
prion
prion
Out-of-bounds
2020-01-14 17:15:00
mariadbunix
mariadbunix
CVE-2015-2326
2020-01-14 17:15:00
debiancve
debiancve
CVE-2015-2326
2020-01-14 17:15:12
cvelist
cvelist
CVE-2015-2326
2020-01-14 16:46:57
freebsd
freebsd
pcre -- multiple vulnerabilities
2015-04-28 00:00:00
nessus
nessus
FreeBSD : pcre -- multiple vulnerabilities (4a88e3ed-00d3-11e5-a072-d050996490d0)
2015-05-26 00:00:00
openSUSE Security Update : pcre (openSUSE-2015-353)
2015-05-13 00:00:00
Ubuntu 14.04 LTS : PCRE vulnerabilities (USN-2694-1)
2015-07-30 00:00:00
securityvulns
securityvulns
PCRE multiple security vulnerabilities
2015-08-02 00:00:00
[USN-2694-1] PCRE vulnerabilities
2015-08-02 00:00:00
ubuntucve
ubuntucve
CVE-2015-5073
2015-06-26 00:00:00
CVE-2015-2325
2015-04-01 00:00:00
CVE-2015-2326
2015-04-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2694-1)
2015-07-30 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-536)
2015-09-08 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-534)
2015-09-08 00:00:00
ubuntu
ubuntu
PCRE vulnerabilities
2015-07-29 00:00:00
PCRE vulnerabilities
2016-03-29 00:00:00
openwrt
openwrt
php: Security update (7 CVEs)
2016-01-28 12:23:45
amazon
amazon
Important: php56
2015-06-02 22:22:00
Important: php54
2015-06-02 22:20:00
Medium: php56
2015-07-07 12:40:00
slackware
slackware
[slackware-security] php
2015-06-11 23:01:25
[slackware-security] php
2015-07-17 20:25:21
suse
suse
Security update for mariadb (important)
2015-07-21 16:08:23
Security update for MariaDB (important)
2015-07-09 17:08:05
rosalinux
rosalinux
Advisory ROSA-SA-2021-1947
2021-07-02 17:40:57
veracode
veracode
Out-Of-Bounds Read
2019-05-02 06:02:24
Arbitrary Code Execution
2019-05-02 06:02:23
Denial Of Service (DoS)
2019-05-02 06:02:21
redhat
redhat
(RHSA-2016:2750) Moderate: rh-php56 security, bug fix, and enhancement update
2016-11-15 11:13:31

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

JSON
Related for NVD:CVE-2015-2326
f52cve1prion1mariadbunix1debiancve1cvelist1freebsd1nessus23securityvulns2ubuntucve7openvas11ubuntu2openwrt1amazon4slackware2suse2rosalinux1veracode57redhat1