Loading
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Cite this page
CVE-2015-8391. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2015-8391
Use CWE-119, Pcre vendor hub and Pcre product page to widen CVE-2015-8391 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2015-5073, CVE-2015-2325 and CVE-2017-7246 for nearby disclosures in the same product family.