Details
-
Bug
-
Resolution: Incomplete
-
Not Evaluated
-
None
-
6.6.3
-
None
Description
PCRE is an open source regular expression function library written in C language by Philip Hazel's personal developers. There is a security hole in PCRE. Attackers use this vulnerability to forcibly read the invalid memory address of PCRE through the compile_xclass_matchingpath in pcre2_jit_compile.c, so as to trigger denial of service or obtain sensitive information.