CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41409
https://notcve.org/view.php?id=CVE-2022-41409
18 Jul 2023 — Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input. • https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-1587 – pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1587
16 May 2022 — An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función get_recurse_data_length() del archivo pcre2_jit_compile.c. Este problema afecta a las recursiones en expresiones regulares compiladas en JIT causadas por transfere... • https://bugzilla.redhat.com/show_bug.cgi?id=2077983%2C • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-1586 – pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1586
16 May 2022 — An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función compile_xclass_matchingpath() del archivo pcre2_jit_compile.c. Esto implica un probl... • https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2017-8399 – Gentoo Linux Security Advisory 201710-09
https://notcve.org/view.php?id=CVE-2017-8399
01 May 2017 — PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures." PCRE2 en versiones anteriores a la 10.30 tiene una escritura fuera de límites provocada por un desbordamiento de búfer basado en pila en pcre2_match.c. Esto está relacionado con un "pattern with very many captures". Multiple vulnerabilities have been found in PCRE2, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 1... • http://www.securityfocus.com/bid/98315 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 1CVE-2015-3217 – pcre: stack overflow caused by mishandled group empty match (8.38/11)
https://notcve.org/view.php?id=CVE-2015-3217
12 May 2016 — PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_])?)+)+$/. • http://rhn.redhat.com/errata/RHSA-2016-1025.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-674: Uncontrolled Recursion •
CVSS: 9.8EPSS: 3%CPEs: 19EXPL: 1CVE-2016-3191 – PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3191
17 Mar 2016 — The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542. La función compile_branch en pcre_compile.c en PCRE 8.x en versione... • http://rhn.redhat.com/errata/RHSA-2016-1025.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 6%CPEs: 5EXPL: 1CVE-2015-3210 – pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)
https://notcve.org/view.php?id=CVE-2015-3210
03 Aug 2015 — Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(? • http://rhn.redhat.com/errata/RHSA-2016-2750.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •