Re2c Security Vulnerabilities

CVE-2018-21232

re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags.

CVE-2020-11958

re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme.

CVE-2022-23901

A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc.