pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.
Base Score: 5
Impact Score: 2.9
Exploitability Score: 10
cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:* versions up to 8.37 (inclusive)
View all (20 total)