OSV-2025-300

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/pcre2/OSV-2025-300.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-300

Published

2025-04-26T00:15:04.274172Z

Modified

2025-04-26T00:15:04.274471Z

Summary

Negative-size-param in recurse_update_offsets

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=413078692

Crash type: Negative-size-param
Crash state:
recurse_update_offsets
match
pcre2_match_8

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=413078692

Affected packages

OSS-Fuzz / pcre2

Package

Name: pcre2
Purl: pkg:generic/pcre2

Affected ranges

Type: GIT
Repo: https://github.com/PCRE2Project/pcre2
Events: Introduced

903bdebae697a2cc8beed6535d51a3aea6c814c0

Fixed

bcc12d905673533457a897d6362a816d1dbd366d

Affected versions

pcre2-10.*

pcre2-10.45

Ecosystem specific

{
    "severity": null
}

Database specific

{
    "introduced_range": "2e03e323339ab692640626f02f8d8d6f95bff9c6:a73417315a28ad6a510c6be3054349cacf8cfb8b",
    "fixed_range": "8f6c990c9b6061f4deb5cc5fe1bd324f81f8eb97:bcc12d905673533457a897d6362a816d1dbd366d"
}