) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Keyword (text search): cpe:2.3:a:pcre:pcre:8.41:*:*:*:*:*:*:*
- CPE Name Search: true
There are 4 matching records.
Displaying matches 1 through 4.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-14155 |
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. Published: June 15, 2020; 1:15:10 PM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2019-20838 |
libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454. Published: June 15, 2020; 1:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
| CVE-2017-16231 |
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used Published: March 21, 2019; 11:59:56 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
| CVE-2017-11164 |
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. Published: July 10, 2017; 11:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 7.8 HIGH |