Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8391

Опубликовано: 02 дек. 2015
Источник: debian

Описание

The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
pcre3fixed2:8.38-1package
pcre3fixed2:8.35-3.3+deb8u2jessiepackage
pcre3no-dsawheezypackage
pcre3not-affectedsqueezepackage

Примечания

  • Fixed in 8.38

  • Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1579

  • First bad commit: http://vcs.pcre.org/pcre?view=revision&revision=640

Связанные уязвимости

ubuntu логотип

CVE-2015-8391

CVSS3: 9.8
ubuntu
почти 10 лет назад

The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

redhat логотип

CVE-2015-8391

redhat
почти 10 лет назад

The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

nvd логотип

CVE-2015-8391

CVSS3: 9.8
nvd
почти 10 лет назад

The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

github логотип

GHSA-86ch-fq45-3c2j

CVSS3: 9.8
github
больше 3 лет назад

The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.

fstec логотип

BDU:2022-04560

CVSS3: 8.8
fstec
почти 10 лет назад

Уязвимость функции pcre_compile() библиотеки регулярных выражений на языке Perl PCRE, позволяющая нарушителю вызвать отказ в обслуживании