Known Vulnerabilities for Oniguruma by Oniguruma Project
Listed below are 10 of the newest known vulnerabilities associated with "Oniguruma" by "Oniguruma Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-19246 json | Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match i... | 7.5 - HIGH | 2019-11-25 | 2023-11-07 |
| CVE-2019-19204 json | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch... | 7.5 - HIGH | 2019-11-21 | 2023-11-07 |
| CVE-2019-19203 json | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar poi... | 7.5 - HIGH | 2019-11-21 | 2023-11-07 |
| CVE-2019-19012 json | An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds ... | 9.8 - CRITICAL | 2019-11-17 | 2023-11-07 |
| CVE-2019-16163 json | Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. | 7.5 - HIGH | 2019-09-09 | 2023-11-07 |
| CVE-2019-13225 json | A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of serv... | 6.5 - MEDIUM | 2019-07-10 | 2023-11-07 |
| CVE-2019-13224 json | A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclo... | 9.8 - CRITICAL | 2019-07-10 | 2023-11-07 |
| CVE-2017-9229 json | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 7.5 - HIGH | 2017-05-24 | 2022-09-01 |
| CVE-2017-9228 json | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
| CVE-2017-9227 json | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oniguruma Project | Oniguruma | 6.9.6 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.6 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.6 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.6 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.6 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.5 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.5 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.5 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.5 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.4 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.4 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.4 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.4 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.3 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.2 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.2 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.2 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.2 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.1 | |||
| Application | Oniguruma Project | Oniguruma | 6.9.0 |