VulnerableCode Package Details - pkg:deb/debian/pcre3@2:8.39-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-5pd9-y6hx-1bau Aliases: CVE-2020-14155	libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.	2:8.39-13 Affected by 0 other vulnerabilities.
VCID-af51-myrf-qqfx Aliases: CVE-2017-7186		2:8.39-3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ducq-qfe7-53eg Aliases: CVE-2017-7244	pcre: invalid memory read in _pcre32_xclass (pcre_xclass.c)	2:8.39-3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-zjry-g31w-6kc9 Aliases: CVE-2017-6004		2:8.39-3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-5pd9-y6hx-1bau
Aliases:
CVE-2020-14155

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

2:8.39-13
Affected by 0 other vulnerabilities.

VCID-af51-myrf-qqfx
Aliases:
CVE-2017-7186

2:8.39-3
Affected by 1 other vulnerability.

VCID-ducq-qfe7-53eg
Aliases:
CVE-2017-7244

pcre: invalid memory read in _pcre32_xclass (pcre_xclass.c)

2:8.39-3
Affected by 1 other vulnerability.

VCID-zjry-g31w-6kc9
Aliases:
CVE-2017-6004

2:8.39-3
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-4mf7-yhz8-wfd2		CVE-2015-8382
VCID-84me-xu6n-n3cb		CVE-2015-8387
VCID-bc31-5avs-r7h8		CVE-2015-8381
VCID-bpqd-35a6-37gx		CVE-2015-8392
VCID-byau-zkpp-23ak		CVE-2014-9769
VCID-dvbb-prp2-nyhu	Improper Restriction of Operations within the Bounds of a Memory Buffer PCRE, and PCRE2 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression.	CVE-2015-3217
VCID-emnu-m68f-23a4		CVE-2015-5073
VCID-exq4-da11-nqe9		CVE-2015-2327
VCID-fbpk-vmc9-uydt		CVE-2015-8393
VCID-fg7x-tuws-2qhb		CVE-2015-8390
VCID-mcdx-7486-67c1	The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".	CVE-2015-2326
VCID-nau2-gqtb-jued		CVE-2015-8385
VCID-p4ck-fmvt-6ubw		CVE-2015-8395
VCID-pgjn-zzg2-qyfb		CVE-2015-3210
VCID-qtme-qmzz-uucy		CVE-2015-8388
VCID-r49q-z37a-uugk		CVE-2015-8383
VCID-r71f-hvbv-uqc8		CVE-2016-3191
VCID-s8xf-szk1-ryhq		CVE-2015-8384
VCID-tq32-wv3v-b3au		CVE-2015-8391
VCID-u91f-7kb8-s3hc	The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.	CVE-2015-2325
VCID-utgx-gcm8-jbbv		CVE-2015-8389
VCID-vw2w-trkr-43bf		CVE-2015-8394
VCID-wk2e-rxaa-kbg1		CVE-2015-8386
VCID-xh86-3nhw-6khk		CVE-2015-8380
VCID-ycrv-5wxy-w7b6		CVE-2015-2328
VCID-yvdz-tydg-97d9		CVE-2016-1283

Vulnerability

Summary

Aliases

VCID-4mf7-yhz8-wfd2

CVE-2015-8382

VCID-84me-xu6n-n3cb

CVE-2015-8387

VCID-bc31-5avs-r7h8

CVE-2015-8381

VCID-bpqd-35a6-37gx

CVE-2015-8392

VCID-byau-zkpp-23ak

CVE-2014-9769

VCID-dvbb-prp2-nyhu

Improper Restriction of Operations within the Bounds of a Memory Buffer PCRE, and PCRE2 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression.

CVE-2015-3217

VCID-emnu-m68f-23a4

CVE-2015-5073

VCID-exq4-da11-nqe9

CVE-2015-2327

VCID-fbpk-vmc9-uydt

CVE-2015-8393

VCID-fg7x-tuws-2qhb

CVE-2015-8390

VCID-mcdx-7486-67c1

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".

CVE-2015-2326

VCID-nau2-gqtb-jued

CVE-2015-8385

VCID-p4ck-fmvt-6ubw

CVE-2015-8395

VCID-pgjn-zzg2-qyfb

CVE-2015-3210

VCID-qtme-qmzz-uucy

CVE-2015-8388

VCID-r49q-z37a-uugk

CVE-2015-8383

VCID-r71f-hvbv-uqc8

CVE-2016-3191

VCID-s8xf-szk1-ryhq

CVE-2015-8384

VCID-tq32-wv3v-b3au

CVE-2015-8391

VCID-u91f-7kb8-s3hc

The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.

CVE-2015-2325

VCID-utgx-gcm8-jbbv

CVE-2015-8389

VCID-vw2w-trkr-43bf

CVE-2015-8394

VCID-wk2e-rxaa-kbg1

CVE-2015-8386

VCID-xh86-3nhw-6khk

CVE-2015-8380

VCID-ycrv-5wxy-w7b6

CVE-2015-2328

VCID-yvdz-tydg-97d9

CVE-2016-1283

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T20:14:04.893645+00:00	Debian Oval Importer	Affected by	VCID-af51-myrf-qqfx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T20:13:18.013081+00:00	Debian Oval Importer	Fixing	VCID-84me-xu6n-n3cb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T20:07:05.442957+00:00	Debian Oval Importer	Fixing	VCID-r71f-hvbv-uqc8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:53:55.587292+00:00	Debian Oval Importer	Fixing	VCID-fbpk-vmc9-uydt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:44:56.068526+00:00	Debian Oval Importer	Fixing	VCID-qtme-qmzz-uucy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:36:11.818641+00:00	Debian Oval Importer	Fixing	VCID-exq4-da11-nqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:32:46.259804+00:00	Debian Oval Importer	Fixing	VCID-emnu-m68f-23a4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:29:36.919725+00:00	Debian Oval Importer	Affected by	VCID-zjry-g31w-6kc9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:22:51.978503+00:00	Debian Oval Importer	Fixing	VCID-wk2e-rxaa-kbg1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:06:47.303800+00:00	Debian Oval Importer	Fixing	VCID-vw2w-trkr-43bf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:54:26.477008+00:00	Debian Oval Importer	Fixing	VCID-byau-zkpp-23ak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:34:53.529897+00:00	Debian Oval Importer	Fixing	VCID-u91f-7kb8-s3hc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:19:56.721569+00:00	Debian Oval Importer	Affected by	VCID-ducq-qfe7-53eg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:06:47.790525+00:00	Debian Oval Importer	Fixing	VCID-ycrv-5wxy-w7b6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:04:12.619917+00:00	Debian Oval Importer	Fixing	VCID-mcdx-7486-67c1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:01:04.224929+00:00	Debian Oval Importer	Fixing	VCID-dvbb-prp2-nyhu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:24:49.510258+00:00	Debian Oval Importer	Fixing	VCID-s8xf-szk1-ryhq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:06:53.912211+00:00	Debian Oval Importer	Fixing	VCID-fg7x-tuws-2qhb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T17:00:05.467946+00:00	Debian Oval Importer	Fixing	VCID-bc31-5avs-r7h8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:43:25.488406+00:00	Debian Oval Importer	Affected by	VCID-5pd9-y6hx-1bau	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:36:32.825244+00:00	Debian Oval Importer	Fixing	VCID-pgjn-zzg2-qyfb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:57:52.371161+00:00	Debian Oval Importer	Fixing	VCID-xh86-3nhw-6khk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:19:05.256287+00:00	Debian Oval Importer	Fixing	VCID-r49q-z37a-uugk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:01:57.420485+00:00	Debian Oval Importer	Fixing	VCID-yvdz-tydg-97d9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T14:01:41.481603+00:00	Debian Oval Importer	Fixing	VCID-4mf7-yhz8-wfd2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:03:04.476972+00:00	Debian Oval Importer	Fixing	VCID-utgx-gcm8-jbbv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:01:30.565623+00:00	Debian Oval Importer	Fixing	VCID-bpqd-35a6-37gx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:53:09.395689+00:00	Debian Oval Importer	Fixing	VCID-nau2-gqtb-jued	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:26:41.083571+00:00	Debian Oval Importer	Fixing	VCID-p4ck-fmvt-6ubw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:19:03.205043+00:00	Debian Oval Importer	Fixing	VCID-tq32-wv3v-b3au	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0