Описание
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 7.4-0ubuntu0.6.06.1 |
| devel | not-affected | |
| edgy | released | 7.4-0ubuntu0.6.10.1 |
| feisty | not-affected | |
| gutsy | not-affected | |
| upstream | released | 6.7 |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not ...
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).
ELSA-2007-1059: Important: pcre security update (IMPORTANT)
EPSS
4.3 Medium
CVSS2