Known Vulnerabilities for Oniguruma by Oniguruma Project
Listed below are 10 of the newest known vulnerabilities associated with "Oniguruma" by "Oniguruma Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-19246 | Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match i... | 7.5 - HIGH | 2019-11-25 | 2023-11-07 |
| CVE-2019-19204 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch... | 7.5 - HIGH | 2019-11-21 | 2023-11-07 |
| CVE-2019-19203 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar poi... | 7.5 - HIGH | 2019-11-21 | 2023-11-07 |
| CVE-2019-19012 | An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds ... | 9.8 - CRITICAL | 2019-11-17 | 2023-11-07 |
| CVE-2019-16163 | Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. | 7.5 - HIGH | 2019-09-09 | 2023-11-07 |
| CVE-2019-13225 | A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of serv... | 6.5 - MEDIUM | 2019-07-10 | 2023-11-07 |
| CVE-2019-13224 | A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclo... | 9.8 - CRITICAL | 2019-07-10 | 2023-11-07 |
| CVE-2017-9226 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
| CVE-2017-9225 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2017-06-02 |
| CVE-2017-9224 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oniguruma Project | Oniguruma | 6.9.6 | rc4 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.6 | rc3 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.6 | rc2 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.6 | rc1 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.6 | - | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.5 | - | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.5 | rc1 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.5 | rc2 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.5 | revised_1 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.4 | rc3 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.4 | rc2 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.4 | rc1 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.4 | - | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.3 | All | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.2 | rc3 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.2 | rc2 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.2 | rc1 | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.2 | - | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.1 | All | All | All |
| Application | Oniguruma Project | Oniguruma | 6.9.0 | All | All | All |