Lucene search
K

27 matches found

OSV
OSV
added 2017/05/24 3:29 p.m.2 views

DEBIAN-CVE-2017-9225

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in...

9.8CVSS9.7AI score0.0308EPSS
Exploits1References1
OSV
OSV
added 2017/05/24 3:29 p.m.0 views

DEBIAN-CVE-2017-9229

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...

7.5CVSS9.3AI score0.05129EPSS
Exploits1References1
OSV
OSV
added 2017/05/24 12:0 a.m.5 views

UBUNTU-CVE-2017-9226

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetchtoken and...

9.8CVSS6.8AI score0.07511EPSS
Exploits1References4
OSV
OSV
added 2017/05/24 12:0 a.m.3 views

UBUNTU-CVE-2017-9228

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...

9.8CVSS7AI score0.06261EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2017/05/24 12:0 a.m.15 views

PT-2017-18794 · Php +5 · Mbstring +6

Name of the Vulnerable Software and Affected Versions: Oniguruma version 6.2.0 Oniguruma-mod in Ruby versions through 2.4.1 mbstring in PHP versions through 7.1.5 Description: An issue was discovered that causes a SIGSEGV in left adjust char head during regular expression compilation. This occurs...

9.8CVSS8AI score0.73927EPSS
Exploits30References270
OSV
OSV
added 2015/12/02 1:59 a.m.3 views

DEBIAN-CVE-2015-8381

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS8.8AI score0.05286EPSS
Exploits1References1
OSV
OSV
added 2015/04/01 12:0 a.m.5 views

UBUNTU-CVE-2015-2326

The pcrecompile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service out-of-bounds read via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by...

5.5CVSS6.8AI score0.01592EPSS
Exploits1References4
Rows per page
Query Builder