« List of all CVEs

CVE-2017-6004

Published: 2/16/2017 Last updated: 8/5/2024 Reserved: 2/15/2017

The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (6)

conf-libpcre conf-libpcre2-8 conf-mingw-w64-pcre2-i686 conf-mingw-w64-pcre2-x86_64 conf-mingw-w64-pcre-i686 conf-mingw-w64-pcre-x86_64

Products affected (1)

Product Vendor Version
n/a n/a n/a

References (16)