Known Vulnerabilities for products from Oniguruma Project
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Oniguruma Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-19246 | Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match i... | 7.5 - HIGH | 2019-11-25 | 2023-11-07 |
| CVE-2019-19204 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch... | 7.5 - HIGH | 2019-11-21 | 2023-11-07 |
| CVE-2019-19203 | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar poi... | 7.5 - HIGH | 2019-11-21 | 2023-11-07 |
| CVE-2019-19012 | An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds ... | 9.8 - CRITICAL | 2019-11-17 | 2023-11-07 |
| CVE-2019-16163 | Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. | 7.5 - HIGH | 2019-09-09 | 2023-11-07 |
| CVE-2019-13225 | A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of serv... | 6.5 - MEDIUM | 2019-07-10 | 2023-11-07 |
| CVE-2019-13224 | A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclo... | 9.8 - CRITICAL | 2019-07-10 | 2023-11-07 |
| CVE-2017-9229 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 7.5 - HIGH | 2017-05-24 | 2022-09-01 |
| CVE-2017-9228 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
| CVE-2017-9227 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
| CVE-2017-9226 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
| CVE-2017-9225 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2017-06-02 |
| CVE-2017-9224 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5.... | 9.8 - CRITICAL | 2017-05-24 | 2022-07-20 |
Known software with vulnerabilities from Oniguruma Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Oniguruma Project | Oniguruma | 5.9.6 |