pcre

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A library that implements Perl 5-style regular expressions
Version 8.42-1 [core]

Open

Group Affected Fixed Severity Status Ticket
AVG-351 8.42-1 Low Vulnerable
Issue Group Severity Remote Type Description
CVE-2017-11164 AVG-351 Low Yes Denial of service
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-222 8.40-1 8.41-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-7246 AVG-222 Low Yes Arbitrary code execution
A stack-based write buffer overflow has been found in libpcre <= 8.40, in the pcretest utility. It can lead to arbitrary code execution via a crafted...
CVE-2017-7245 AVG-222 Low Yes Arbitrary code execution
A stack-based write buffer overflow has been found in libpcre <= 8.40, in the pcretest utility. It can lead to arbitrary code execution via a crafted...
CVE-2017-7244 AVG-222 Low No Denial of service
A stack-based read buffer overflow has been found in libpcre <= 8.40, in the pcretest utility. It can lead to denial of service via a crafted expression...
CVE-2017-7186 AVG-222 Medium Yes Denial of service
libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and...

Advisories

Date Advisory Group Severity Description
18 Jul 2017 ASA-201707-20 AVG-222 Medium multiple issues