Download
| Alert*
|
oval:org.secpod.oval:def:116904
Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified oval:org.secpod.oval:def:2105193 Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. oval:org.secpod.oval:def:116903 Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified oval:org.secpod.oval:def:1601064 A use-after-free in onig_new_deluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte en ... oval:org.secpod.oval:def:59775 A NULL Pointer Dereference in match_at in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression.Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. oval:org.secpod.oval:def:1504193 [1:1.3.2-1.el7] - Updates for OVMF/AAVMF Version 1.3.2 including: * Fri Jul 31 2020 Aaron Young - Create new 1.3.2 release for OL7 * Fri May 01 2020 Aaron Young - Create new 1.3.1 release for OL7 * Wed Feb 05 2020 Aaron Young - Create new 1.3 release for OL7 which includes the following fixed CVEs: ... oval:org.secpod.oval:def:89046983 This update for oniguruma fixes the following issues: - CVE-2019-19246: Fixed an out of bounds access during regular expression matching . - CVE-2019-19204: Fixed an out of bounds access when compiling a crafted regular expression . - CVE-2019-19203: Fixed an out of bounds access when performing a s ... oval:org.secpod.oval:def:3300651 SUSE Security Update: Security update for oniguruma oval:org.secpod.oval:def:1700210 A use-after-free in onig_new_deluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte en ... oval:org.secpod.oval:def:1507339 [6.8.2-2.1] - Fix CVE-2019-13224 Resolves: RHEL-6970 - Fix CVE-2019-16163 Resolves: RHEL-9506 - Fix CVE-2019-19012 Resolves: RHEL-9511 - Fix CVE-2019-19203 Resolves: RHEL-9510 - Fix CVE-2019-19204 Resolves: RHEL-9509 oval:org.secpod.oval:def:2501338 Oniguruma is a regular expressions library that supports a variety of character encodings. oval:org.secpod.oval:def:509084 Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix: oniguruma: Use-after-free in onig_new_deluxe in regext.c oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c oniguruma: integer overflow in search_in_range function in r ... oval:org.secpod.oval:def:1601052 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information d ... oval:org.secpod.oval:def:2500206 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:504284 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers * php: Buffer over-read in exif_read_data ... oval:org.secpod.oval:def:2105112 Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. oval:org.secpod.oval:def:1503030 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:66572 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers * php: Buffer over-read in exif_read_data ... oval:org.secpod.oval:def:97632 [CLSA-2022:1651177943] Fix of 227 CVE |
