CPE-D3D08DCD-E61F-4222-8B27-DC17596C8573 Détail

CPE Details

Oniguruma Project Oniguruma 6.9.2

Vendor

oniguruma_project

Product

oniguruma

Version

6.9.2

Created

2019-07-11
10h14 +00:00

Modifié

2019-07-11
10h14 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:oniguruma_project:oniguruma:6.9.2:-::::::

Informations

Vendor

oniguruma_project

Product

oniguruma

Version

6.9.2

Update

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2019-19246	2019-11-25 15h16 +00:00	Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.	7.5	Haute
CVE-2019-19203	2019-11-21 19h06 +00:00	An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.	7.5	Haute
CVE-2019-19204	2019-11-21 19h06 +00:00	An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.	7.5	Haute
CVE-2019-19012	2019-11-16 14h30 +00:00	An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.	9.8	Critique
CVE-2019-16163	2019-09-09 13h38 +00:00	Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.	7.5	Haute
CVE-2019-13224	2019-07-10 11h50 +00:00	A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.	9.8	Critique
CVE-2019-13225	2019-07-10 11h50 +00:00	A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.	6.5	Moyen

Oniguruma Project Oniguruma 6.9.2

CPE Details

CPE Name: cpe:2.3:a:oniguruma_project:oniguruma:6.9.2:-:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:oniguruma_project:oniguruma:6.9.2:-::::::