Описание
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2:8.39-3 |
| bionic | not-affected | 2:8.39-3 |
| cosmic | not-affected | 2:8.39-3 |
| devel | not-affected | 2:8.39-3 |
| disco | not-affected | 2:8.39-3 |
| eoan | not-affected | 2:8.39-3 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | 2:8.39-3 |
| esm-infra/focal | not-affected | 2:8.39-3 |
| esm-infra/xenial | released | 2:8.38-3.1ubuntu0.1~esm2 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCR ...
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3