Vulnerabilities > Pcre > Pcre2 > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-18 CVE-2022-41409 Integer Overflow or Wraparound vulnerability in Pcre Pcre2
Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.
network
low complexity
pcre CWE-190
7.5
2020-02-14 CVE-2019-20454 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode.
network
low complexity
pcre fedoraproject splunk CWE-125
7.5
2017-03-20 CVE-2017-7186 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre and Pcre2
libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.
network
low complexity
pcre CWE-119
7.5
2016-12-13 CVE-2015-3217 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_])?)+)+$/.
network
low complexity
pcre ibm CWE-119
7.5