MiracleLinux 7 : php-5.4.16-48.0.12.el7.AXS7 (AXSA:2025-10958:11)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10958:11 advisory. CVE-2017-9228: fix heap out-of-bounds write in bitsetsetrange and parsecharclass functions CVEs: CVE-2017-9228 Tenable has extracted the preceding descripti...

CLSA-2025-1758896397 php: Fix of CVE-2017-9228

CVE-2017-9228: fix heap out-of-bounds write in bitsetsetrange and parsecharclass functions...

CLSA-2025-1758892974 php: Fix of CVE-2017-9228

CVE-2017-9228: fix heap out-of-bounds write in bitsetsetrange and parsecharclass functions...

oniguruma: Out-of-bounds heap write in bitset_set_range()

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...

The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable and allows for memory corruption to occur.

The vulnerability of the Oniguruma library arises from an improper change in the state of the parsecharclass function. This allows for the use of an uninitialized variable during writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...

The vulnerability of the Oniguruma library, related to the use of an uninitialized variable, which allows for memory corruption to occur.

The vulnerability of the Oniguruma library arises from an incorrect change in the state of the parsecharclass function. This allows for the use of an uninitialized variable during writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...

Oniguruma 'bitset_set_range()' function heap boundary write vulnerability

mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A security vulnerability exists in Oniguruma's 'bitsetsetrange'...

ALPINE-CVE-2017-9228

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...