Lucene search
Veracode Vulnerability DatabaseVERACODE:19316HistoryMay 16, 2019 - 2:59 a.m.
Out-Of-Bounds Read
2019-05-1602:59:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.003 Low
EPSS
Percentile
71.5%
PHP is vulnerable to out-of-bounds reads. The vulnerability exists in mbc_enc_len() during regular expression searching. reg->dmin in forward_search_range() when not handled properly would result in an invalid pointer dereference as an out-of-bounds read from a stack buffer.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rh-php70-php | eq | 7.0.10__2.el7 | |
| rh-php70-php | eq | 7.0.10__2.el6 | |
| rh-php70-php | eq | 7.0.10__2.el7 | |
| rh-php70-php | eq | 7.0.10__2.el6 |
References
www.securityfocus.com/bid/100538
access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.1_release_notes/chap-rhscl#sect-RHSCL-Changes-php
access.redhat.com/errata/RHSA-2018:1296
access.redhat.com/security/updates/classification/#moderate
github.com/kkos/oniguruma/commit/9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814
github.com/kkos/oniguruma/issues/58
Related
osv
osv
CVE-2017-9227
2017-05-24 15:29:00
libonig - security update
2017-05-28 00:00:00
amazon
amazon
Important: php
2024-04-11 01:07:00
Important: oniguruma
2023-10-12 15:09:00
Medium: php56
2017-08-17 18:16:00
cvelist
cvelist
CVE-2017-9227
2017-05-24 15:00:00
prion
prion
Stack overflow
2017-05-24 15:29:00
nvd
nvd
CVE-2017-9227
2017-05-24 15:29:00
nessus
nessus
Amazon Linux 2 : php (ALAS-2024-2520)
2024-04-18 00:00:00
SUSE SLES12 Security Update : php5 (SUSE-SU-2017:1662-1)
2019-01-02 00:00:00
Photon OS 1.0: Ruby PHSA-2017-0021
2019-02-07 00:00:00
f5
f5
K61164061 : PHP vulnerability CVE-2017-9227
2017-07-24 00:00:00
alpinelinux
alpinelinux
CVE-2017-9227
2017-05-24 15:29:00
redhatcve
redhatcve
CVE-2017-9227
2017-06-30 11:21:32
debiancve
debiancve
CVE-2017-9227
2017-05-24 15:29:00
ubuntucve
ubuntucve
CVE-2017-9227
2017-05-24 00:00:00
cve
cve
CVE-2017-9227
2017-05-24 15:29:00
ibm
ibm
Security Bulletin: Vulnerabilities in php53 affect IBM BladeCenter Advanced Management Module (AMM) (CVE-2017-9227, CVE-2017-9226, CVE-2017-9224)
2023-04-14 14:32:25
openvas
openvas
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-2403)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1662-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1585-1)
2021-06-09 00:00:00
freebsd
freebsd
oniguruma -- multiple vulnerabilities
2017-07-06 00:00:00
slackware
slackware
[slackware-security] php
2017-07-08 00:39:45
fedora
fedora
[SECURITY] Fedora 24 Update: php-5.6.31-1.fc24
2017-07-19 01:49:32
[SECURITY] Fedora 24 Update: oniguruma-5.9.6-4.fc24
2017-06-10 10:23:48
[SECURITY] Fedora 26 Update: php-7.1.7-1.fc26
2017-07-18 22:25:50
hackerone
hackerone
debian
debian
[SECURITY] [DLA 958-1] libonig security update
2017-05-28 13:46:37
mageia
mageia
Updated php and libgd packages fix security vulnerabilities
2017-08-08 01:16:24
altlinux
altlinux
Security fix for the ALT Linux 8 package oniguruma version 6.4.0-alt1
2017-07-12 00:00:00
photon
photon
ubuntu
ubuntu
PHP vulnerabilities
2017-12-18 00:00:00
PHP vulnerabilities
2017-08-10 00:00:00
veracode
veracode
Use After Free
2019-05-16 02:59:58
redhat
redhat
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00