The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Denial Of Service
Buffer Overflow
Pcre
PHP
Fedora
+1
NVD
CVSS 3.1
9.8
EPSS
2.5%