pcre

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A deprecated library that implements Perl 5-style regular expressions
Version 8.45-4 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-351 8.42-2 8.43-1 Low Fixed
AVG-222 8.40-1 8.41-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-11164 AVG-351 Low Yes Denial of service 
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular...
CVE-2017-7246 AVG-222 Low Yes Arbitrary code execution 
A stack-based write buffer overflow has been found in libpcre <= 8.40, in the pcretest utility. It can lead to arbitrary code execution via a crafted...
CVE-2017-7245 AVG-222 Low Yes Arbitrary code execution 
A stack-based write buffer overflow has been found in libpcre <= 8.40, in the pcretest utility. It can lead to arbitrary code execution via a crafted...
CVE-2017-7244 AVG-222 Low No Denial of service 
A stack-based read buffer overflow has been found in libpcre <= 8.40, in the pcretest utility. It can lead to denial of service via a crafted expression...
CVE-2017-7186 AVG-222 Medium Yes Denial of service 
libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and...

Advisories

Date Advisory Group Severity Type
03 Mar 2019 ASA-201903-4 AVG-351 Low denial of service
18 Jul 2017 ASA-201707-20 AVG-222 Medium multiple issues