The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE up to and including 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pcre pcre |