PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 883
CVE-2015-8389
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related pa ...
CVE-2015-8387
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2015-8387
PCRE before 8.38 mishandles (?123) subroutine calls and related subrou ...
CVE-2015-8386
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2015-8386
PCRE before 8.38 mishandles the interaction of lookbehind assertions a ...
CVE-2015-8383
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2015-8383
PCRE before 8.38 mishandles certain repeated conditional groups, which ...
CVE-2015-8387
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2015-8391
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2015-8390
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2015-8389 PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related pa ... | CVSS3: 9.8 | 3% Низкий | около 10 лет назад |
 | CVE-2015-8387 PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | CVSS3: 7.3 | 2% Низкий | около 10 лет назад |
| CVE-2015-8387 PCRE before 8.38 mishandles (?123) subroutine calls and related subrou ... | CVSS3: 7.3 | 2% Низкий | около 10 лет назад |
| CVE-2015-8386 PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | CVSS3: 9.8 | 7% Низкий | около 10 лет назад |
| CVE-2015-8386 PCRE before 8.38 mishandles the interaction of lookbehind assertions a ... | CVSS3: 9.8 | 7% Низкий | около 10 лет назад |
| CVE-2015-8383 PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | CVSS3: 9.8 | 4% Низкий | около 10 лет назад |
| CVE-2015-8383 PCRE before 8.38 mishandles certain repeated conditional groups, which ... | CVSS3: 9.8 | 4% Низкий | около 10 лет назад |
 | CVE-2015-8387 PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | CVSS3: 7.3 | 2% Низкий | около 10 лет назад |
| CVE-2015-8391 The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | CVSS3: 9.8 | 9% Низкий | около 10 лет назад |
| CVE-2015-8390 PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | CVSS3: 9.8 | 4% Низкий | около 10 лет назад |
Уязвимостей на страницу