Описание
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Directory Server 8 | pcre | Not affected | ||
| Red Hat Enterprise Linux 5 | pcre | Not affected | ||
| Red Hat Enterprise Linux 6 | glib2 | Not affected | ||
| Red Hat Enterprise Linux 6 | pcre | Not affected | ||
| Red Hat Enterprise Linux 7 | glib2 | Not affected | ||
| Red Hat Enterprise Linux 7 | pcre | Will not fix | ||
| Red Hat Enterprise Linux 7 | virtuoso-opensource | Not affected | ||
| Red Hat JBoss Enterprise Web Server 1 | httpd | Will not fix | ||
| Red Hat JBoss Enterprise Web Server 2 | httpd | Will not fix | ||
| Red Hat JBoss Enterprise Web Server 3 | httpd | Will not fix |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCR ...
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
7.5 High
CVSS3