OSV-2026-532 Heap-buffer-overflow in regsub

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499446092 Crash type: Heap-buffer-overflow READ 1 Crash state: regsub formatreplace formatexpand1...

Azure Linux 3.0 Security Update: haproxy (CVE-2025-32464)

The version of haproxy installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32464 advisory. - HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer...

The vulnerability of the sample_conv regsub function in server-side HAProxy software arises from incorrect comparisons using erroneous factors, allowing attackers to compromise the accessibility of protected information.

The vulnerability of the sampleconv regsub function in HAProxy-related software is related to incorrect comparisons when error factors are used. Exploiting this vulnerability can allow a malicious actor to compromise the accessibility of protected information...

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one.

...

Security update for haproxy

This update for haproxy fixes the following issues: CVE-2025-32464: Fixed heap-based buffer overflow in sampleconvregsub. bsc1240971 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

SUSE CVE-2025-32464

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...

DEBIAN-CVE-2025-32464

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...

UBUNTU-CVE-2025-32464

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...

CLSA-2023-1699467659 Fix CVE(s): CVE-2023-0288, CVE-2023-0054

SECURITY UPDATE: a heap-based overflow - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to line zero - CVE-2023-0288 SECURITY UPDATE: an out-of-bounds write - debian/patches/CVE-2023-0054.patch: check the return value of vimregsub - CVE-2023-0054...

vim: out-of-bounds write in vim_regsub_both() in regexp.c

A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to an out-of-bounds write vulnerability in the vimregsubboth function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution...