3 matches found
CLSA-2026-1776856106 Fix CVE(s): CVE-2019-13224, CVE-2019-19246
SECURITY UPDATE: use-after-free in oniguruma onignewdeluxe - debian/patches/CVE-2019-13224.patch: reject mismatched encodings in ext/mbstring/oniguruma/regext.c so onignewdeluxe returns ONIGERRNOTSUPPORTEDENCODINGCOMBINATION instead of calling the buggy convencoding path. - CVE-2019-13224 SECURIT...
oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c
A vulnerability was found in Oniguruma, where improper bounds checking in strlowercasematch within regexec.c can cause a heap-based buffer overflow, a remote attacker could exploit this flaw to crash the application or, in certain scenarios, execute arbitrary code. This occurs when the applicatio...
EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2020-1019)
According to the versions of the oniguruma package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.CVE-2019-16163 - An issue was discovered in...