Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PCRE‘pcre_compile’函数拒绝服务漏洞
Vulnerability Description
PCRE(Perl Compatible Regular Expressions)是软件开发者Philip Hazel所研发的一个使用C语言编写的开源正则表达式函数库。 PCRE 8.38之前版本的pcre_compile.c文件中的‘pcre_compile’函数存在安全漏洞,该漏洞源于程序没有正确处理特定的‘[:’嵌套。远程攻击者可借助特制的正则表达式利用该漏洞造成拒绝服务(CPU消耗)。
CVSS Information
N/A
Vulnerability Type
N/A