VYPR
High severity7.5NVD Advisory· Published Dec 13, 2016· Updated Jun 17, 2026

CVE-2015-3217

CVE-2015-3217

Description

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_])?)+)+$/.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

26

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.