CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
Percentile
93.2%
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified “subpattern containing a named recursion or subroutine reference,” which allows context-dependent attackers to cause a denial of service (error or crash).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | glib2.0 | < 2.14.3-1 | glib2.0_2.14.3-1_all.deb |
Debian | 11 | all | glib2.0 | < 2.14.3-1 | glib2.0_2.14.3-1_all.deb |
Debian | 999 | all | glib2.0 | < 2.14.3-1 | glib2.0_2.14.3-1_all.deb |
Debian | 13 | all | glib2.0 | < 2.14.3-1 | glib2.0_2.14.3-1_all.deb |
Debian | 12 | all | pcre3 | < 6.7-1 | pcre3_6.7-1_all.deb |
Debian | 11 | all | pcre3 | < 6.7-1 | pcre3_6.7-1_all.deb |
Debian | 999 | all | pcre3 | < 6.7-1 | pcre3_6.7-1_all.deb |