What the vulnerability does

01Description

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.

Key dates

02Disclosure timeline

May 16, 2022 CVE published
August 3, 2024 Record updated