Pcre · Pcre-Devel · CVE-2006-7227
**Name of the Vulnerable Software and Affected Versions**
PCRE library versions prior to 6.7
libpcre versions prior to 7.3-r1
pcre-32bit (affected versions not specified)
pcre (affected versions not specified)
pcre-devel (affected versions not specified)
**Description**
CVE-2006-7227 is an integer overflow in the Perl-Compatible Regular Expression (PCRE) library. A regular expression containing a large number of named subpatterns (`name count`) or long subpattern names (`max name size`) triggers the overflow, which in turn causes a buffer overflow and allows context-dependent attackers to execute arbitrary code. Multiple vulnerabilities in the PCRE library can compromise the confidentiality, integrity, and availability of protected information, and can be exploited remotely.
**Recommendations**
For PCRE library versions prior to 6.7, update to version 6.7 or later.
For libpcre versions prior to 7.3-r1, update to version 7.3-r1 or later.
For pcre-32bit, pcre, and pcre-devel, no information is currently available about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the vulnerable components until a patch is available.
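One way to restrict what reaches an unpatched library is to screen untrusted patterns for the two quantities named in the description, the name count and the maximum name size, before compiling them. The following is an added example, not PCRE's code and not part of the advisory; the function name `screen_pattern`, both limits, and the 3-byte per-entry overhead used for the size estimate are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed policy limits for this example; the advisory gives no numbers. */
#define MAX_NAMED_GROUPS 1000u
#define MAX_NAME_LEN     32u

/* Returns 0 if the pattern is within limits, -1 if it must be rejected.
 * On success *table_bytes is name_count * (max_name_size + 3), computed
 * without wrap-around (the +3 per entry is an assumed overhead).
 * Escapes and character classes are not interpreted, so the scan can only
 * over-count named groups, which keeps the filter conservative. */
int screen_pattern(const char *pat, size_t *table_bytes)
{
    size_t count = 0, longest = 0, n = strlen(pat);

    for (size_t i = 0; i + 2 < n; i++) {
        if (pat[i] != '(' || pat[i + 1] != '?')
            continue;
        size_t j = i + 2;
        char term;
        if (pat[j] == 'P' && pat[j + 1] == '<') {            /* (?P<name> */
            j += 2; term = '>';
        } else if (pat[j] == '<' && pat[j + 1] != '=' && pat[j + 1] != '!') {
            j += 1; term = '>';                 /* (?<name>, not lookbehind */
        } else if (pat[j] == '\'') {                         /* (?'name'  */
            j += 1; term = '\'';
        } else {
            continue;
        }
        size_t len = 0;
        while (j + len < n && pat[j + len] != term) {
            if (++len > MAX_NAME_LEN)
                return -1;                      /* subpattern name too long */
        }
        if (j + len >= n)
            return -1;                          /* unterminated name */
        if (++count > MAX_NAMED_GROUPS)
            return -1;                          /* too many named groups */
        if (len > longest)
            longest = len;
    }
    /* Checked multiply: stays correct even if the limits above are raised. */
    size_t entry = longest + 3;
    if (count != 0 && entry > SIZE_MAX / count)
        return -1;
    *table_bytes = count * entry;
    return 0;
}
```
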