pcre (SUSE:Linux Enterprise Software Development Kit 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP2 package pcre, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (25)
CVE-2015-8383 — CVSS 9.8 (critical): PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer…
CVE-2016-1283 — CVSS 9.8 (critical): The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J…
CVE-2015-8386 — CVSS 9.8 (critical): PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to…
CVE-2015-8394 — CVSS 9.8 (critical): PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service…
CVE-2015-3210 — CVSS 9.8 (critical): Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted…
CVE-2015-8389 — CVSS 9.8 (critical): PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service…
CVE-2015-8390 — CVSS 9.8 (critical): PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service…
CVE-2015-8391 — CVSS 9.8 (critical): The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a…
CVE-2016-3191 — CVSS 9.8 (critical): The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns…
CVE-2015-5073 — CVSS 9.1 (critical): Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial…
CVE-2015-2325 — CVSS 7.8 (high): The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service…
CVE-2015-8385 — CVSS 7.5 (high): PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote…
CVE-2015-2327 — CVSS 7.5 (high): PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which…
CVE-2015-2328 — CVSS 7.5 (high): PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to…
CVE-2015-3217 — CVSS 7.5 (high): PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of…
CVE-2015-8380 — CVSS 7.5 (high): The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause…
CVE-2015-8381 — CVSS 7.5 (high): The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the…
CVE-2015-8384 — CVSS 7.5 (high): PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows…
CVE-2015-8388 — CVSS 7.5 (high): PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows…
CVE-2015-8392 — CVSS 7.5 (high): PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended…
CVE-2015-8393 — CVSS 7.5 (high): pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information…
CVE-2015-8395 — CVSS 7.5 (high): PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified…
CVE-2015-8387 — CVSS 7.3 (high): PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of…
CVE-2015-8382 — CVSS 6.4 (medium): The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)…
CVE-2014-8964 — CVSS 5.0 (medium): Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified…