Astra Linux – Vulnerability in libonig

Oniguruma, as used in PHP 7.3.x and other products, has a heap-based buffer over-read issue in the strlowercasematch function in regexec.c...

Astra Linux – Vulnerability in libonig

A issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function gb18030mbcenclen in the file gb18030.c, a UChar pointer was dereferenced without checking whether it pointed to the end of the matched string. This resulted in a buffer overflow...

Astra Linux – Vulnerability in libonig

A NULL pointer dereference in the matchat function in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause a denial of service by providing a crafted regular expression. Oniguruma vulnerabilities often affect Ruby, as well as common optional libraries used in PHP and Rust...

Debian: Security Advisory (DLA-2431)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2431-2] libonig regression update

Debian LTS Advisory DLA-2431-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 30, 2021 https://wiki.debian.org/LTS Package : libonig Version : 6.1.3-2+deb9u2 CVE ID : CVE-2020-26159 It was discovered that CVE-2020-26159 in the Oniguruma regular expression...

DLA-2431-2 libonig - regression update

Bulletin has no description...

Debian DLA-2431-2 : libonig regression update

It was discovered that CVE-2020-26159 in the Oniguruma regular expressions library, notably used in PHP mbstring, was a false-positive. In consequence the patch for CVE-2020-26159 was reverted. For reference, the original advisory text follows. CVE-2020-26159 In Oniguruma an attacker able to supp...

[SECURITY][DLA 2431-1] libonig security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2431-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 05, 2020 https://wiki.debian.org/LTS -...

Debian: Security Advisory (DLA-2431-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-2431-1 libonig - security update

Bulletin has no description...

The vulnerability of the onig_new_deluxe function in the regular expression library for multi-binary strings libonig allows a hacker to gain unauthorized access to protected information and compromise its integrity and accessibility.

The vulnerability of the onignewdeluxe function in the regular expression library libonig relates to memory usage after deallocation. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information and compromise its integrity and accessibility...

Debian DLA-2020-1 : libonig security update

Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring. CVE-2019-19012 An integer overflow in the searchinrange function in regexec.c leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker...

Debian: Security Advisory (DLA-2020-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2020-1] libonig security update

Package : libonig Version : 5.9.5-3.2+deb8u4 CVE ID : CVE-2019-19012 CVE-2019-19204 CVE-2019-19246 Debian Bug : 944959 945313 Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring. CVE-2019-19012 An integer overflow in the searchinrange...

DLA-2020-1 libonig - security update

Bulletin has no description...

Debian DLA-1918-1 : libonig security update

The Oniguruma regular expressions library, notably used in PHP mbstring, is vulnerable to stack exhaustion. A crafted regular expression can crash the process. For Debian 8 'Jessie', this problem has been fixed in version 5.9.5-3.2+deb8u3. We recommend that you upgrade your libonig packages. NOTE...

Debian: Security Advisory (DLA-1918-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1918-1] libonig security update

Package : libonig Version : 5.9.5-3.2+deb8u3 CVE ID : CVE-2019-16163 Debian Bug : 939988 The Oniguruma regular expressions library, notably used in PHP mbstring, is vulnerable to stack exhaustion. A crafted regular expression can crash the process. For Debian 8 "Jessie", this problem has been fix...

DLA-1918-1 libonig - security update

Bulletin has no description...