1. Home
  2. CVE Database
  3. CVE-2017-7186
HIGH · 7.5

CVE-2017-7186

libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode p...

Vulnerability Description

libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
PcrePcre8.40
PcrePcre210.23

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2017-7186?

CVE-2017-7186 is a vulnerability with a CVSS score of 7.5 (HIGH). libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode p...

How severe is CVE-2017-7186?

CVE-2017-7186 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-7186?

Check the references section above for vendor advisories and patch information. Affected products include: Pcre Pcre, Pcre Pcre2.