threat
engine
.sh
Back
·
··:··
Home
/
Product
/
pcre perl compatible regular expression library
Product
pcre perl compatible regular expression library
17 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2015-8395
<= 8.37
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspec
CVE-2015-8394
<= 8.37
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of serv
9.8
CRITICAL
CVE-2015-8393
<= 8.37
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive inf
7.5
HIGH
CVE-2015-8392
<= 8.37
PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (un
CVE-2015-8390
<= 8.37
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of serv
9.8
CRITICAL
CVE-2015-8389
<= 8.37
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of s
9.8
CRITICAL
CVE-2015-8388
<= 8.37
PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, whi
CVE-2015-8387
<= 8.37
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial
7.3
HIGH
CVE-2015-8386
<= 8.37
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attac
9.8
CRITICAL
CVE-2015-8385
<= 8.37
PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows
CVE-2015-8384
<= 8.37
PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which
CVE-2015-8383
<= 8.37
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffe
9.8
CRITICAL
CVE-2015-8382
all versions
The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|
CVE-2015-8381
<= 8.37
The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the /(?J:(?|
CVE-2015-8380
<= 8.37
The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers
CVE-2015-2327
<= 8.35
PCRE before 8.36 mishandles the /(((a\2)|(a
)\g-1>))
/ pattern and related patterns with certain internal recursive back reference
CVE-2007-1661
<= 7.2
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some reg
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin