PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2015-12-02T01:00:00
Updated: 2024-08-06T08:13:32.675Z
Reserved: 2015-12-01T00:00:00
Link: CVE-2015-8392
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-12-02T01:59:16.230
Modified: 2024-11-21T02:38:26.497
Link: CVE-2015-8392
Redhat