Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1050705?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1050705?format=api", "purl": "pkg:deb/debian/pcre3@8.02-1.1%2Bdeb6u1", "type": "deb", "namespace": "debian", "name": "pcre3", "version": "8.02-1.1+deb6u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2:8.39-13", "latest_non_vulnerable_version": "2:8.39-13", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34908?format=api", "vulnerability_id": "VCID-1rdp-4637-tfh7", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8388.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88645", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88654", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88689", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88695", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.887", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8388" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/85576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/85576" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223", "reference_id": "1237223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8388", "reference_id": "CVE-2015-8388", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8388" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8388" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1rdp-4637-tfh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34906?format=api", "vulnerability_id": "VCID-3a9g-pj5j-nbbc", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8387.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80753", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80762", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80698", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80707", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80728", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80724", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80752", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80761", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80777", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8387" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8387" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/82990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287646", "reference_id": "1287646", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287646" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8387", "reference_id": "CVE-2015-8387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8387" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8387" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3a9g-pj5j-nbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34916?format=api", "vulnerability_id": "VCID-3vg3-y6dk-n3ag", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178193.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178193.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178955.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178955.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1283.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0251", "scoring_system": "epss", "scoring_elements": "0.85373", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0251", "scoring_system": "epss", "scoring_elements": "0.85368", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0251", "scoring_system": "epss", "scoring_elements": "0.85371", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02952", "scoring_system": "epss", "scoring_elements": "0.86428", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02952", "scoring_system": "epss", "scoring_elements": "0.86447", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02952", "scoring_system": "epss", "scoring_elements": "0.86456", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03762", "scoring_system": "epss", "scoring_elements": "0.87992", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03762", "scoring_system": "epss", "scoring_elements": "0.88006", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03762", "scoring_system": "epss", "scoring_elements": "0.87983", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1283" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "https://www.tenable.com/security/tns-2017-14", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2017-14" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.securityfocus.com/bid/79825", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79825" }, { "reference_url": "http://www.securitytracker.com/id/1034555", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034555" }, { "reference_url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.343110", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.343110" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295385", "reference_id": "1295385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295385" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809706", "reference_id": "809706", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809706" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.38:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.38:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.38:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1283", "reference_id": "CVE-2016-1283", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1283" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2016-1283" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3vg3-y6dk-n3ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34896?format=api", "vulnerability_id": "VCID-3wxw-5hsh-tqhj", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5073.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5073.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67796", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.6783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.6785", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.6788", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67917", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67904", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67868", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5073" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223", "reference_id": "1237223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790000", "reference_id": "790000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790000" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2694-1/", "reference_id": "USN-2694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2694-1/" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-5073" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3wxw-5hsh-tqhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34912?format=api", "vulnerability_id": "VCID-4kzr-datq-bbcp", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8392.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.88995", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.88939", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.88947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.88963", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.88966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.88985", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.8899", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.89002", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.88996", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8392" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287690", "reference_id": "1287690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287690" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8392", "reference_id": "CVE-2015-8392", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8392" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8392" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4kzr-datq-bbcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34913?format=api", "vulnerability_id": "VCID-52he-28zb-z7bj", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8393.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72375", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72328", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72334", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72352", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72329", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.7238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72403", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8393" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/82990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287695", "reference_id": "1287695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287695" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8393", "reference_id": "CVE-2015-8393", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8393" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8393" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-52he-28zb-z7bj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34915?format=api", "vulnerability_id": "VCID-5vhs-7ffz-rkaf", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8395.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.85075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.85", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.85013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.8503", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.85035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.85057", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.85064", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.8508", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.85079", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8395" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711", "reference_id": "1287711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8395", "reference_id": "CVE-2015-8395", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8395" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8395" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5vhs-7ffz-rkaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62237?format=api", "vulnerability_id": "VCID-7386-q1qx-2fgr", "summary": "Multiple vulnerabilities have been found in the PCRE Library, the\n worst of which may allow remote attackers to cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7244.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7244.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7244", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.6696", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67032", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67045", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67058", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67077", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67063", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.66997", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67022", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.66996", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7244" }, { "reference_url": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/97067", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97067" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437364", "reference_id": "1437364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437364" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683", "reference_id": "858683", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683" }, { "reference_url": "https://security.archlinux.org/ASA-201707-20", "reference_id": "ASA-201707-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-20" }, { "reference_url": "https://security.archlinux.org/AVG-222", "reference_id": "AVG-222", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-222" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7244", "reference_id": "CVE-2017-7244", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7244" }, { "reference_url": "https://security.gentoo.org/glsa/201710-25", "reference_id": "GLSA-201710-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-25" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1057346?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eupp-h1mx-13dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-3" } ], "aliases": [ "CVE-2017-7244" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7386-q1qx-2fgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34895?format=api", "vulnerability_id": "VCID-79s2-s1sx-3uag", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0534.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0534.html" }, { "reference_url": "http://bugs.exim.org/show_bug.cgi?id=1546", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.exim.org/show_bug.cgi?id=1546" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145843.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147474.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147511.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147516.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0330.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0330.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8964.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8964.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.8389", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.83894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.83823", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.83837", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.83852", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.83854", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.83877", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.83884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02057", "scoring_system": "epss", "scoring_elements": "0.839", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8964" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exim.org/viewvc/pcre?view=revision&revision=1513" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:002" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:137", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:137" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/11/21/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/11/21/6" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "reference_url": "http://www.securityfocus.com/bid/71206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147", "reference_id": "1166147", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166147" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770478", "reference_id": "770478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770478" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8964", "reference_id": "CVE-2014-8964", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8964" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0330", "reference_id": "RHSA-2015:0330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0330" }, { "reference_url": "https://usn.ubuntu.com/2694-1/", "reference_id": "USN-2694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050708?format=api", "purl": "pkg:deb/debian/pcre3@2:8.35-3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rdp-4637-tfh7" }, { "vulnerability": "VCID-3a9g-pj5j-nbbc" }, { "vulnerability": "VCID-3vg3-y6dk-n3ag" }, { "vulnerability": "VCID-3wxw-5hsh-tqhj" }, { "vulnerability": "VCID-4kzr-datq-bbcp" }, { "vulnerability": "VCID-52he-28zb-z7bj" }, { "vulnerability": "VCID-5vhs-7ffz-rkaf" }, { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-7ufs-uvgd-v3ht" }, { "vulnerability": "VCID-7vb2-byp7-uyb3" }, { "vulnerability": "VCID-a952-adu8-8qfx" }, { "vulnerability": "VCID-cbu7-jb3m-nbf2" }, { "vulnerability": "VCID-dfts-4w3d-huc3" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-jkr1-gvjw-wkcx" }, { "vulnerability": "VCID-kwfj-9bb2-dqcb" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-mfmv-rw7p-rqbe" }, { "vulnerability": "VCID-mnr6-xgc9-xucz" }, { "vulnerability": "VCID-mq83-9qaf-ffgc" }, { "vulnerability": "VCID-pejf-33ba-h3c1" }, { "vulnerability": "VCID-tx1n-v7bn-7uhw" }, { "vulnerability": "VCID-udse-25e2-vfeb" }, { "vulnerability": "VCID-va26-j6rt-buab" }, { "vulnerability": "VCID-vjaf-nq1r-e3bm" }, { "vulnerability": "VCID-wx7q-7bp6-bybq" }, { "vulnerability": "VCID-xwr2-6zpb-x7cn" }, { "vulnerability": "VCID-ywee-ghvk-pubu" }, { "vulnerability": "VCID-yztb-bavc-kkgt" }, { "vulnerability": "VCID-zjgd-f5nj-zybz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.35-3.3" } ], "aliases": [ "CVE-2014-8964" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79s2-s1sx-3uag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85857?format=api", "vulnerability_id": "VCID-7ufs-uvgd-v3ht", "summary": "php: Regular Expression Uninitialized Pointer Information Disclosure Vulnerability (ZDI-CAN-2547)", "references": [ { "reference_url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=c351b47ce85a3a147cfa801fa9f0149ab4160834", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=c351b47ce85a3a147cfa801fa9f0149ab4160834" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8382.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8382.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82654", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82587", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82602", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82617", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82613", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82639", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82647", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82665", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01772", "scoring_system": "epss", "scoring_elements": "0.82659", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8382" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/08/04/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/08/04/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/76157", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/76157" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1187225", "reference_id": "1187225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1187225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794589", "reference_id": "794589", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794589" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:8.36:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:8.36:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:8.36:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8382", "reference_id": "CVE-2015-8382", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8382" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8382" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ufs-uvgd-v3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34914?format=api", "vulnerability_id": "VCID-7vb2-byp7-uyb3", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8394.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8394.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83139", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83072", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83101", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83125", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83133", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0188", "scoring_system": "epss", "scoring_elements": "0.83149", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8394" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/82990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287702", "reference_id": "1287702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287702" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8394", "reference_id": "CVE-2015-8394", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8394" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8394" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vb2-byp7-uyb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34904?format=api", "vulnerability_id": "VCID-a952-adu8-8qfx", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8385.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8385.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89835", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89838", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89851", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89856", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89873", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89879", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89885", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.89883", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8385" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/85572", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/85572" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287629", "reference_id": "1287629", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287629" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8385", "reference_id": "CVE-2015-8385", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8385" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8385" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a952-adu8-8qfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34909?format=api", "vulnerability_id": "VCID-cbu7-jb3m-nbf2", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85766", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.8577", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85692", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85704", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85722", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85728", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85748", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85758", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02653", "scoring_system": "epss", "scoring_elements": "0.85773", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8389" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/82990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287659", "reference_id": "1287659", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287659" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8389", "reference_id": "CVE-2015-8389", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8389" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8389" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbu7-jb3m-nbf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34911?format=api", "vulnerability_id": "VCID-dfts-4w3d-huc3", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8391.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.91036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.91037", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.90986", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.90991", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.91", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.9101", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.91023", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.91028", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8391" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/82990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287671", "reference_id": "1287671", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287671" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8391", "reference_id": "CVE-2015-8391", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:C" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8391" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8391" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dfts-4w3d-huc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81166?format=api", "vulnerability_id": "VCID-eupp-h1mx-13dy", "summary": "pcre: Integer overflow when parsing callout numeric arguments", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14155.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14155.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14155", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45693", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45762", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45784", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45732", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4579", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45786", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45809", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45778", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45783", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14155" }, { "reference_url": "https://bugs.gentoo.org/717920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.gentoo.org/717920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.pcre.org/original/changelog.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.pcre.org/original/changelog.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436", "reference_id": "1848436", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963086", "reference_id": "963086", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963086" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155", "reference_id": "CVE-2020-14155", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4373", "reference_id": "RHSA-2021:4373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" }, { "reference_url": "https://usn.ubuntu.com/5425-1/", "reference_id": "USN-5425-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5425-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1057348?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-13" } ], "aliases": [ "CVE-2020-14155" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eupp-h1mx-13dy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7606?format=api", "vulnerability_id": "VCID-jkr1-gvjw-wkcx", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in PCRE and PCRE2 allows remote attackers to execute arbitrary code via a crafted regular expression.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3210.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3210.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.90401", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.90404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.90416", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.9042", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.90434", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.9044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.90448", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3210" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3210" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623", "reference_id": "1287623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787433", "reference_id": "787433", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787433" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3210", "reference_id": "CVE-2015-3210", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2694-1/", "reference_id": "USN-2694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2694-1/" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-3210" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jkr1-gvjw-wkcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34905?format=api", "vulnerability_id": "VCID-kwfj-9bb2-dqcb", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8386.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.9181", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91768", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91776", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91782", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.9179", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91809", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91812", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8386" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/82990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287636", "reference_id": "1287636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287636" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8386", "reference_id": "CVE-2015-8386", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8386" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8386" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwfj-9bb2-dqcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58170?format=api", "vulnerability_id": "VCID-m72x-pqy7-myg3", "summary": "A vulnerability in PCRE library allows remote attackers to cause a\n Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6004.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6004.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88508", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88515", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88533", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88555", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.8856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88563", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88564", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6004" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425365", "reference_id": "1425365", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425365" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855405", "reference_id": "855405", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855405" }, { "reference_url": "https://security.gentoo.org/glsa/201706-11", "reference_id": "GLSA-201706-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-11" }, { "reference_url": "https://usn.ubuntu.com/5665-1/", "reference_id": "USN-5665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1057346?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eupp-h1mx-13dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-3" } ], "aliases": [ "CVE-2017-6004" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m72x-pqy7-myg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85752?format=api", "vulnerability_id": "VCID-mfmv-rw7p-rqbe", "summary": "pcre: heap buffer overflow in compile_branch()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2325.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2325.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2325", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58014", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58099", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.5812", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58095", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58149", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58153", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58168", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58145", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58125", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207198", "reference_id": "1207198", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207198" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781795", "reference_id": "781795", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781795" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2694-1/", "reference_id": "USN-2694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2694-1/" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-2325" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfmv-rw7p-rqbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34910?format=api", "vulnerability_id": "VCID-mnr6-xgc9-xucz", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8390.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8390.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8390", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.86269", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.86273", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.86205", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.86215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.86231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.8625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.86261", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0287", "scoring_system": "epss", "scoring_elements": "0.86276", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8390" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/82990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287666", "reference_id": "1287666", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287666" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8390", "reference_id": "CVE-2015-8390", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8390" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8390" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnr6-xgc9-xucz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86205?format=api", "vulnerability_id": "VCID-mq83-9qaf-ffgc", "summary": "pcre: infinite recursion compiling pattern with zero-repeated groups that include recursive back reference (8.36/19)", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2327.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2327.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2327", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.86156", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.8609", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.861", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.86116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.86135", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.86147", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.86161", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.8616", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2327" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327" }, { "reference_url": "https://jira.mongodb.org/browse/SERVER-17252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://jira.mongodb.org/browse/SERVER-17252" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.fortiguard.com/advisory/FG-VD-15-010/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fortiguard.com/advisory/FG-VD-15-010/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/74924", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/74924" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285408", "reference_id": "1285408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285408" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2327", "reference_id": "CVE-2015-2327", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-2327" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mq83-9qaf-ffgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7607?format=api", "vulnerability_id": "VCID-pejf-33ba-h3c1", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nPCRE, and PCRE2 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3217.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75005", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75008", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75037", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75013", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75047", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75081", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.7506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75049", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3217" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228283", "reference_id": "1228283", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228283" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787641", "reference_id": "787641", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787641" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3217", "reference_id": "CVE-2015-3217", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-3217" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pejf-33ba-h3c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34901?format=api", "vulnerability_id": "VCID-tx1n-v7bn-7uhw", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8381.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8381.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90514", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90472", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90476", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90487", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90493", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90505", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90511", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.9052", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8381" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1667", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1667" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/76187", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/76187" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711", "reference_id": "1287711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795539", "reference_id": "795539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795539" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8381", "reference_id": "CVE-2015-8381", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8381" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8381" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tx1n-v7bn-7uhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7327?format=api", "vulnerability_id": "VCID-udse-25e2-vfeb", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe compile_branch function in pcre_compile.c in PCRE and pcre2_compile.c in PCRE2 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3191.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3191.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11337", "scoring_system": "epss", "scoring_elements": "0.93543", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11337", "scoring_system": "epss", "scoring_elements": "0.93534", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11337", "scoring_system": "epss", "scoring_elements": "0.93537", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11337", "scoring_system": "epss", "scoring_elements": "0.93509", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11337", "scoring_system": "epss", "scoring_elements": "0.93518", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11337", "scoring_system": "epss", "scoring_elements": "0.93526", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3191" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://bugs.debian.org/815920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/815920" }, { "reference_url": "https://bugs.debian.org/815921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/815921" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3191" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://vcs.pcre.org/pcre2?view=revision&revision=489", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre2?view=revision&revision=489" }, { "reference_url": "http://vcs.pcre.org/pcre?view=revision&revision=1631", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre?view=revision&revision=1631" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/84810", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84810" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311503", "reference_id": "1311503", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311503" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815920", "reference_id": "815920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815921", "reference_id": "815921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815921" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.36:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.36:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.36:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.37:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.37:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.37:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.38:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.38:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.38:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3191", "reference_id": "CVE-2016-3191", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2016-3191" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-udse-25e2-vfeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34899?format=api", "vulnerability_id": "VCID-va26-j6rt-buab", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173700.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173700.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8380.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8380.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8380", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79221", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79173", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79179", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79214", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79222", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.79246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01238", "scoring_system": "epss", "scoring_elements": "0.7923", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8380" }, { "reference_url": "https://blog.fuzzing-project.org/29-Heap-Overflow-in-PCRE.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.fuzzing-project.org/29-Heap-Overflow-in-PCRE.html" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.securityfocus.com/bid/77695", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77695" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285413", "reference_id": "1285413", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285413" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806467", "reference_id": "806467", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806467" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8380", "reference_id": "CVE-2015-8380", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8380" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8380" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-va26-j6rt-buab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86176?format=api", "vulnerability_id": "VCID-vjaf-nq1r-e3bm", "summary": "pcre: infinite recursion compiling pattern with recursive reference in a group with indefinite repeat (8.36/20)", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2328.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2328.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2328", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85921", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85853", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85886", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85905", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.85926", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2328" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=1515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=1515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328" }, { "reference_url": "https://jira.mongodb.org/browse/SERVER-17252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://jira.mongodb.org/browse/SERVER-17252" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886" }, { "reference_url": "http://www.fortiguard.com/advisory/FG-VD-15-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fortiguard.com/advisory/FG-VD-15-014/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/74924", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/74924" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285399", "reference_id": "1285399", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285399" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2328", "reference_id": "CVE-2015-2328", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-2328" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjaf-nq1r-e3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34903?format=api", "vulnerability_id": "VCID-wx7q-7bp6-bybq", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8384.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.788", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78807", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78836", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78819", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78874", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78857", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8384" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623", "reference_id": "1287623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8384", "reference_id": "CVE-2015-8384", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8384" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8384" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wx7q-7bp6-bybq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85285?format=api", "vulnerability_id": "VCID-xwr2-6zpb-x7cn", "summary": "pcre: incorrect nested table jumps when JIT is used (8.36/6)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9769.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9769.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76144", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76147", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76085", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.7612", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76099", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76132", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76145", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76171", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9769" }, { "reference_url": "https://bugs.debian.org/819050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/819050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9769" }, { "reference_url": "https://redmine.openinfosecfoundation.org/issues/1693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://redmine.openinfosecfoundation.org/issues/1693" }, { "reference_url": "http://vcs.pcre.org/pcre?view=revision&revision=1475", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre?view=revision&revision=1475" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/26/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/03/26/1" }, { "reference_url": "http://www.securityfocus.com/bid/85570", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/85570" }, { "reference_url": "http://www.securitytracker.com/id/1035424", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035424" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1320995", "reference_id": "1320995", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1320995" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819050", "reference_id": "819050", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819050" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9769", "reference_id": "CVE-2014-9769", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9769" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2014-9769" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xwr2-6zpb-x7cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7854?format=api", "vulnerability_id": "VCID-ywee-ghvk-pubu", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibpcre1 in PCRE and libpcre2 in PCRE2 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7186.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7186.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91487", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91532", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91509", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91522", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91528", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91533", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91534", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91494", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07102", "scoring_system": "epss", "scoring_elements": "0.91501", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7186" }, { "reference_url": "https://blogs.gentoo.org/ago/2017/03/14/libpcre-invalid-memory-read-in-match-pcre_exec-c/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blogs.gentoo.org/ago/2017/03/14/libpcre-invalid-memory-read-in-match-pcre_exec-c/" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=2052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_internal.h?r1=600&r2=670&sortby=date", "reference_id": "", "reference_type": "", "scores": [], "url": "https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_internal.h?r1=600&r2=670&sortby=date" }, { "reference_url": "https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_ucd.c?r1=316&r2=670&sortby=date", "reference_id": "", "reference_type": "", "scores": [], "url": "https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_ucd.c?r1=316&r2=670&sortby=date" }, { "reference_url": "https://vcs.pcre.org/pcre/code/trunk/pcre_internal.h?r1=1649&r2=1688&sortby=date", "reference_id": "", "reference_type": "", "scores": [], "url": "https://vcs.pcre.org/pcre/code/trunk/pcre_internal.h?r1=1649&r2=1688&sortby=date" }, { "reference_url": "https://vcs.pcre.org/pcre/code/trunk/pcre_ucd.c?r1=1490&r2=1688&sortby=date", "reference_id": "", "reference_type": "", "scores": [], "url": "https://vcs.pcre.org/pcre/code/trunk/pcre_ucd.c?r1=1490&r2=1688&sortby=date" }, { "reference_url": "http://www.securityfocus.com/bid/97030", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97030" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1434504", "reference_id": "1434504", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1434504" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858230", "reference_id": "858230", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858230" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858233", "reference_id": "858233", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858233" }, { "reference_url": "https://security.archlinux.org/ASA-201707-20", "reference_id": "ASA-201707-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-20" }, { "reference_url": "https://security.archlinux.org/ASA-201710-18", "reference_id": "ASA-201710-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-18" }, { "reference_url": "https://security.archlinux.org/AVG-222", "reference_id": "AVG-222", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-222" }, { "reference_url": "https://security.archlinux.org/AVG-223", "reference_id": "AVG-223", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-223" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre2:10.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre2:10.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre2:10.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:pcre:8.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:8.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7186", "reference_id": "CVE-2017-7186", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7186" }, { "reference_url": "https://security.gentoo.org/glsa/201710-09", "reference_id": "GLSA-201710-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-09" }, { "reference_url": "https://security.gentoo.org/glsa/201710-25", "reference_id": "GLSA-201710-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-25" }, { "reference_url": "https://usn.ubuntu.com/5665-1/", "reference_id": "USN-5665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5665-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1057346?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eupp-h1mx-13dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-3" } ], "aliases": [ "CVE-2017-7186" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ywee-ghvk-pubu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34902?format=api", "vulnerability_id": "VCID-yztb-bavc-kkgt", "summary": "Multiple vulnerabilities have been found in libpcre, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8383.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84846", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84851", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84771", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84786", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84806", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.8483", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.84854", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8383" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0002/" }, { "reference_url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/29/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287614", "reference_id": "1287614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287614" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8383", "reference_id": "CVE-2015-8383", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8383" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-8383" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yztb-bavc-kkgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85753?format=api", "vulnerability_id": "VCID-zjgd-f5nj-zybz", "summary": "pcre: heap buffer over-read in pcre_compile2() (8.37/23)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2326.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2326.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2326", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68572", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68505", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68523", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68542", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.6852", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68571", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68615", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68602", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2326" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207202", "reference_id": "1207202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207202" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783285", "reference_id": "783285", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2694-1/", "reference_id": "USN-2694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2694-1/" }, { "reference_url": "https://usn.ubuntu.com/2943-1/", "reference_id": "USN-2943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050710?format=api", "purl": "pkg:deb/debian/pcre3@2:8.39-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7386-q1qx-2fgr" }, { "vulnerability": "VCID-eupp-h1mx-13dy" }, { "vulnerability": "VCID-m72x-pqy7-myg3" }, { "vulnerability": "VCID-ywee-ghvk-pubu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@2:8.39-1" } ], "aliases": [ "CVE-2015-2326" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjgd-f5nj-zybz" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcre3@8.02-1.1%252Bdeb6u1" }