7 matches found
SUSE CVE-2017-9229
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...
The vulnerability of the Oniguruma regular expression library, related to an uncontrolled recursion, allows a hacker to trigger a service failure.
The vulnerability of the Oniguruma regular expression library is related to an uncontrolled recursion. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
Moderate: oniguruma security update
Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fixes: oniguruma: NULL pointer dereference in matchat in regexec.c CVE-2019-13225 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
UBUNTU-CVE-2019-19246
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c...
The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable, allows a hacker to perform read operations beyond the buffer boundary in dynamic memory.
The vulnerability of the Oniguruma library exists due to incorrect processing of reg-dmin in the forwardsearchrange function. This allows the use of an uninitialized variable during data reading from the buffer. Exploiting this vulnerability could enable a malicious actor to read beyond the...
The vulnerability of the Oniguruma library, which allows a hacker to influence the accessibility of information
The vulnerability of the matchat function in the Oniguruma library exists due to access control errors. Exploiting this vulnerability could allow a malicious actor to influence the accessibility of information by reading beyond the buffer on the stack during regular expression search operations...
The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable and allows for memory corruption to occur.
The vulnerability of the Oniguruma library arises from an improper change in the state of the parsecharclass function. This allows for the use of an uninitialized variable during writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...