{"id":"CVE-2016-9954","details":"The backtrack compilation code in the Irregex package (aka IrRegular Expressions) before 0.9.6 for Scheme allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression with a repeating pattern.","modified":"2026-05-16T12:01:32.229847316Z","published":"2017-04-21T20:59:00.883Z","database_specific":{},"references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/12/15/8"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/94942"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1413990"},{"type":"FIX","url":"https://github.com/ashinn/irregex/commit/a16ffc86eca15fca9e40607d41de3cea9cf868f1"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}