CVE-2006-7230
EPSS 2.8%
Description
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.
How to fix CVE-2006-7230
To remediate CVE-2006-7230, upgrade the affected package to a fixed version below.
- Debian/pcre3—upgrade to 7.0-1 or later
Is CVE-2006-7230 being exploited?
Low — EPSS is 2.8%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 7.0-1