CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-11164

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

http://openwall.com/lists/oss-security/2017/07/11/3
http://www.openwall.com/lists/oss-security/2023/04/11/1
http://www.openwall.com/lists/oss-security/2023/04/12/1
http://www.securityfocus.com/bid/99575
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
http://openwall.com/lists/oss-security/2017/07/11/3
http://www.openwall.com/lists/oss-security/2023/04/11/1
http://www.openwall.com/lists/oss-security/2023/04/12/1
http://www.securityfocus.com/bid/99575
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

Products affected by CVE-2017-11164

Pcre » Pcre » Version: 8.41

cpe:2.3:a:pcre:pcre:8.41

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-11164

Products

Pricing

Contact Us