Vulnerabilities > Pcre > Perl Compatible Regular Expression Library > High

DATE CVE VULNERABILITY TITLE RISK
2015-12-02 CVE-2015-8393 Information Exposure vulnerability in multiple products
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.
network
low complexity
pcre fedoraproject php CWE-200
7.5
2015-12-02 CVE-2015-8387 Integer Overflow or Wraparound vulnerability in multiple products
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
network
low complexity
pcre fedoraproject php CWE-190
7.3