Description
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
Remediation
References
Related Vulnerabilities
WordPress Plugin Relevanssi Premium-A Better Search Multiple Vulnerabilities (1.14.4)
OpenVPN AS Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-33737)
WordPress Plugin FireStorm Professional Real Estate Multiple SQL Injection Vulnerabilities (2.05.01)