30 matches found
MiracleLinux 7 : ruby-2.0.0.648-39.0.4.el7.AXS7 (AXSA:2025-10964:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10964:04 advisory. CVE-2016-2337: Fix type confusion in canceleval Ruby's TclTkIp class method to prevent arbitrary code execution CVE-2017-9224: Fix stack...
Linux Distros Unpatched Vulnerability : CVE-2017-9224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs ...
RHEL 5 : oniguruma (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read...
RHEL 6 : oniguruma (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read...
Amazon Linux AMI : ruby20 (ALAS-2023-1824)
The version of ruby20 installed on the remote host is prior to 2.0.0.648-2.42. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1824 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. ...
Medium: ruby20
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could...
Medium: oniguruma
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could...
Amazon Linux 2 : ruby (ALAS-2023-2201)
The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2201 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A...
K34551175: PHP vulnerability CVE-2017-9224
Security Advisory Description An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in...
Ubuntu: Security Advisory (USN-3382-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1195)
According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1195)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-2403)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bound...
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CVE-2017-9227, CVE-2017-9226, CVE-2017-9224)
Summary IBM Chassis Management Module has addressed the following vulnerabilities in PHP. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerabilities in PHP. Vulnerability Details: CVEID: CVE-2017-9227 Description: Oniguruma is vulnerable to a stack-bas...
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:1717-1)
This update for php7 fixes the following security issues : - CVE-2017-9224: stack out-of-bounds read occurs in matchat could lead to Denial of service bsc1040891 - CVE-2017-9226: heap out-of-bounds write orread occurs in nextstateval could lead to Denial of servicebsc1040889 - CVE-2017-9227: stac...
SUSE SLES12 Security Update : php5 (SUSE-SU-2017:1662-1)
This update for php5 fixes the following security issues : - CVE-2016-6294: The localeacceptfromhttp function in ext/intl/locale/localemethods.c did not properly restrict calls to the ICU ulocacceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service out-of-bound...
Debian: Security Advisory (DLA-958-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for php FEDORA-2017-b8bb4b86e2
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : php (2017-5ade380ab2)
PHP version 5.6.31 06 Jul 2017 Core: - Fixed bug php73807 Performance problem with processing post request over 2000000 chars. Nikita - Fixed bug php74111 Heap buffer overread READ: 1 finishnesteddata from unserialize. Nikita - Fixed bug php74603 PHP INI Parsing Stack Buffer Overflow Vulnerabilit...
Fedora 26 : oniguruma (2017-ee01a2ced6)
Multiple security flaws were found on the previous version of oniguruma. This new version should fix the issue. Fixed CVEs: CVE-2017-9226 CVE-2017-9225 CVE-2017-9224 CVE-2017-9227 CVE-2017-9229 CVE-2017-9228 Note that Tenable Network Security has extracted the preceding description block directly...