Vulnerabilities > Pcre > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-12-02 | CVE-2015-2327 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Perl Compatible Regular Expression Library PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
| 2008-07-07 | CVE-2008-2371 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. | 7.5 |
| 2008-02-18 | CVE-2008-0674 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Pcre Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255. | 7.5 |
| 2007-11-07 | CVE-2007-4766 | Numeric Errors vulnerability in Pcre Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences. | 7.5 |