In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. https://nvd.nist.gov/vuln/detail/CVE-2017-11164