« List of all CVEs

CVE-2006-7230

Published: 11/15/2007 Last updated: 8/7/2024 Reserved: 11/15/2007

Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (6)

conf-libpcre conf-libpcre2-8 conf-mingw-w64-pcre2-i686 conf-mingw-w64-pcre2-x86_64 conf-mingw-w64-pcre-i686 conf-mingw-w64-pcre-x86_64

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 17.4.15

References (56)