SUSE CVE-2017-9224

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...

Advisory ROSA-SA-2021-1966

Software: ruby 2.0.0.648 OS: Cobalt 7.9 CVE-ID: CVE-2012-6684 CVE-Crit: MEDIUM CVE-DESC: A cross-site scripting XSS vulnerability in the RedCloth 4.2.9 library for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI. CVE-STATUS: default CVE-REV:...

CVE-2017-9229

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...

Oniguruma 'onigenc_unicode_get_case_fold_codes_by_str()' function stack buffer overflow vulnerability

mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A stack buffer overflow vulnerability exists in the...

Oniguruma Denial of Service Vulnerability

mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A security vulnerability exists in Ruby's Oniguruma-mod and PHP's...

Oniguruma 'bitset_set_range()' function heap boundary write vulnerability

mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A security vulnerability exists in Oniguruma's 'bitsetsetrange'...

PT-2017-18794 · Php +5 · Mbstring +6

Name of the Vulnerable Software and Affected Versions: Oniguruma version 6.2.0 Oniguruma-mod in Ruby versions through 2.4.1 mbstring in PHP versions through 7.1.5 Description: An issue was discovered that causes a SIGSEGV in left adjust char head during regular expression compilation. This occurs...

CVE-2017-6181

The CVE-2017-6181 entry corresponds to an unbounded recursion flaw in the Onigmo (Oniguruma-mod) regular expression library’s parse_char_class function (regparse.c) used by Ruby 2.4.0. A crafted regular expression can cause a remote attacker to trigger deep recursion and a potential application c...