SUSE CVE-2017-9229

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...

oniguruma: Invalid pointer dereference in left_adjust_char_head()

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...

The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable, allows a hacker to perform read operations beyond the buffer boundary in dynamic memory.

The vulnerability of the Oniguruma library exists due to incorrect processing of reg-dmin in the forwardsearchrange function. This allows the use of an uninitialized variable during data reading from the buffer. Exploiting this vulnerability could enable a malicious actor to read beyond the...

DEBIAN-CVE-2017-9227

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbcenclen during regular expression searching. Invalid handling of reg-dmin in forwardsearchrange could result in an invalid pointer...