3 matches found
oniguruma: Use-after-free in onig_new_deluxe() in regext.c
A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
Oracle Linux 7 : edk2 (ELSA-2020-5861)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5861 advisory. - Create new 1.3 release for OL7 which includes the following fixed CVEs: CVE-2018-12182 CVE-2019-13224 CVE-2019-13225 CVE-2019-14553 Fri May 17 2019...
Oniguruma Memory Misreference Vulnerability
Oniguruma is a BSD-licensed regular expression library that supports multiple character encodings. A memory misreference vulnerability exists in onignewdeluxe in regext.c in Oniguruma 6.9.2, which can be exploited by an attacker to obtain information, execute code, or cause a denial of service by...