Lucene search
Veracode Vulnerability DatabaseVERACODE:19318HistoryMay 16, 2019 - 3:00 a.m.
Denial Of Service (DoS)
2019-05-1603:00:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.003 Low
EPSS
Percentile
65.7%
Oniguruma is vulnerable to denial-of-service attacks. A remote unauthenticated attacker could exploit the flawed function left_adjust_char_head of the component Regular Expressionresult causing an invalid pointer dereference resulting in denial-of-service conditions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rh-php70-php | eq | 7.0.10__2.el7 | |
| rh-php70-php | eq | 7.0.10__2.el6 | |
| rh-php70-php | eq | 7.0.10__2.el7 | |
| rh-php70-php | eq | 7.0.10__2.el6 |
References
access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.1_release_notes/chap-rhscl#sect-RHSCL-Changes-php
access.redhat.com/errata/RHSA-2018:1296
access.redhat.com/security/updates/classification/#moderate
github.com/kkos/oniguruma/commit/b690371bbf97794b4a1d3f295d4fb9a8b05d402d
github.com/kkos/oniguruma/issues/59
Related
alpinelinux
alpinelinux
CVE-2017-9229
2017-05-24 15:29:00
prion
prion
Race condition
2017-05-24 15:29:00
cvelist
cvelist
CVE-2017-9229
2017-05-24 15:00:00
nvd
nvd
CVE-2017-9229
2017-05-24 15:29:00
cve
cve
CVE-2017-9229
2017-05-24 15:29:00
f5
f5
K06844177 : PHP vulnerability CVE-2017-9229
2017-07-21 00:00:00
osv
osv
CVE-2017-9229
2017-05-24 15:29:00
libonig - security update
2017-05-28 00:00:00
redhatcve
redhatcve
CVE-2017-9229
2017-06-30 11:52:57
ubuntucve
ubuntucve
CVE-2017-9229
2017-05-24 00:00:00
debiancve
debiancve
CVE-2017-9229
2017-05-24 15:29:00
ibm
ibm
nessus
nessus
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:3237-1)
2019-01-02 00:00:00
SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0003-1)
2018-01-03 00:00:00
openSUSE Security Update : php7 (openSUSE-2017-1353)
2017-12-14 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:0003-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:3237-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:3277-1)
2021-06-09 00:00:00
amazon
amazon
Important: php
2023-11-29 22:20:00
Important: oniguruma
2023-10-12 15:09:00
Medium: php56
2017-08-17 18:16:00
slackware
slackware
[slackware-security] php
2017-07-08 00:39:45
fedora
fedora
[SECURITY] Fedora 25 Update: php-7.0.21-1.fc25
2017-07-13 19:20:35
[SECURITY] Fedora 25 Update: oniguruma-6.1.3-3.fc25
2017-09-27 05:29:06
[SECURITY] Fedora 24 Update: php-5.6.31-1.fc24
2017-07-19 01:49:32
hackerone
hackerone
debian
debian
[SECURITY] [DLA 958-1] libonig security update
2017-05-28 13:46:37
mageia
mageia
Updated php and libgd packages fix security vulnerabilities
2017-08-08 01:16:24
altlinux
altlinux
Security fix for the ALT Linux 8 package oniguruma version 6.4.0-alt1
2017-07-12 00:00:00
photon
photon
ubuntu
ubuntu
PHP vulnerabilities
2017-12-18 00:00:00
PHP vulnerabilities
2017-08-10 00:00:00
veracode
veracode
Use After Free
2019-05-16 02:59:58
redhat
redhat
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45