CVE-2017-11164

Опубликовано: 10 июл. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	pcre	Will not fix
Red Hat Enterprise Linux 6	glib2	Will not fix
Red Hat Enterprise Linux 6	pcre	Will not fix
Red Hat Enterprise Linux 7	glib2	Will not fix
Red Hat Enterprise Linux 7	pcre	Will not fix
Red Hat Enterprise Linux 7	pcre2	Not affected
Red Hat Enterprise Linux 7	virtuoso-opensource	Will not fix
Red Hat JBoss Core Services	httpd	Will not fix
Red Hat JBoss Enterprise Web Server 1	httpd	Will not fix
Red Hat JBoss Enterprise Web Server 2	httpd	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-674

https://bugzilla.redhat.com/show_bug.cgi?id=1470107pcre: OP_KETRMAX feature in the match function in pcre_exec.c

EPSS

Процентиль: 29%

0.00106

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-11164

CVSS3: 7.5

ubuntu

больше 8 лет назад

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

CVE-2017-11164

CVSS3: 7.5

nvd

больше 8 лет назад

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

CVE-2017-11164

CVSS3: 7.5

debian

больше 8 лет назад

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exe ...

GHSA-5457-7wx3-gf7j

CVSS3: 7.5

github

больше 3 лет назад

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

EPSS

Процентиль: 29%

0.00106

Низкий

3.3 Low

CVSS3