CLD-66 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2017-7186 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) pcre
Deficiency Type SECURITY
Date Created 2017-10-08 10:39:00
Date Last Modified 2017-10-08 15:13:35

Version Specific Information:

Cucumber 1.0 i686fixed in pcre-8.41-i686-1
Cucumber 1.0 x86_64fixed in pcre-8.41-x86_64-1

Cucumber 1.1 i686 fixed in pcre-8.41-i686-1
Cucumber 1.1 x86_64 fixed in pcre-8.41-x86_64-1


libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to
cause a denial of service (segmentation violation for read access, and
application crash) by triggering an invalid Unicode property lookup

This vulnerability has been anaylized extensively on the Gentoo blog. They claim
that this vulnerability has been fixed in pcre 8.41