bde icon indicating copy to clipboard operation
bde copied to clipboard
verified publisher icon bloomberg

Fixed an issue affecting recursions in JIT

Open npt-1707 opened this issue 9 months ago • 1 comments

Hi Development Team,

I identified a potential vulnerability in clone functions in thirdparty/pcre2/pcre2_jit_compile.c sourced from PCRE2Project/pcre2. This issue, originally reported in CVE-2022-1587, was resolved in the repository via this commit https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0.

This PR applies the corresponding patch to fix the vulnerability in this codebase.

Please review at your convenience. Thank you!

npt-1707 avatar May 15 '25 18:05 npt-1707

Thanks!

We had just made a plan to the PCRE version earlier this week. This is certainly added motivation. Will review whether it makes sense to merge this in advance.

mversche avatar May 15 '25 18:05 mversche

Moved to the version of pcre2 with the fix.

osubboo avatar Oct 15 '25 13:10 osubboo