Peter Manev

**Name of the Vulnerable Software and Affected Versions** PCRE version 8.35 **Description** The issue is related to the `pcre jit compile.c` file in PCRE, which does not properly use table jumps to optimize nested alternatives. This allows remote attackers to cause a denial of service, specifically stack memory corruption, or possibly have other unspecified impacts via a crafted string. This has been demonstrated by packets encountered by Suricata during the use of a regular expression in an Emerging Threats Open ruleset. **Recommendations** For PCRE version 8.35, consider updating to a newer version that addresses this issue, as the current version does not properly handle nested alternatives, leading to potential denial of service or other impacts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.