29 matches found
CLSA-2025-1757666588 ruby: Fix of CVE-2017-9226
CVE-2017-9226: fix a heap out-of-bounds write or read occurs in nextstateval during regular expression compilation...
Important: php
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...
Linux Distros Unpatched Vulnerability : CVE-2017-9226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read...
RHEL 6 : oniguruma (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read...
RHEL 5 : oniguruma (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read...
Amazon Linux 2 : oniguruma (ALAS-2023-2311)
The version of oniguruma installed on the remote host is prior to 5.9.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2311 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through...
Important: oniguruma
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...
K01709026: PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226
Security Advisory Description CVE-2017-7890 The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized...
Ubuntu: Security Advisory (USN-3382-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oniguruma Project Memory Corruption (CVE-2017-9226)
A memory corruption vulnerability exists in Oniguruma project oniguruma 6.2.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-2403)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bound...
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CVE-2017-9227, CVE-2017-9226, CVE-2017-9224)
Summary IBM Chassis Management Module has addressed the following vulnerabilities in PHP. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerabilities in PHP. Vulnerability Details: CVEID: CVE-2017-9227 Description: Oniguruma is vulnerable to a stack-bas...
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:1717-1)
This update for php7 fixes the following security issues : - CVE-2017-9224: stack out-of-bounds read occurs in matchat could lead to Denial of service bsc1040891 - CVE-2017-9226: heap out-of-bounds write orread occurs in nextstateval could lead to Denial of servicebsc1040889 - CVE-2017-9227: stac...
SUSE SLES12 Security Update : php5 (SUSE-SU-2017:1662-1)
This update for php5 fixes the following security issues : - CVE-2016-6294: The localeacceptfromhttp function in ext/intl/locale/localemethods.c did not properly restrict calls to the ICU ulocacceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service out-of-bound...
Debian: Security Advisory (DLA-958-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890
F5 Product Development has evaluated the currently supported releases for potential vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the...
Fedora Update for php FEDORA-2017-b8bb4b86e2
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : oniguruma (2017-ee01a2ced6)
Multiple security flaws were found on the previous version of oniguruma. This new version should fix the issue. Fixed CVEs: CVE-2017-9226 CVE-2017-9225 CVE-2017-9224 CVE-2017-9227 CVE-2017-9229 CVE-2017-9228 Note that Tenable Network Security has extracted the preceding description block directly...
Fedora Update for php FEDORA-2017-b674dc22ad
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...