RHSA-2024:0889 -- Redhat onigurumaID: oval:org.secpod.oval:def:509084 | Date: (C)2024-03-12 (M)2024-03-12 |
Class: PATCH | Family: unix |
Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix: oniguruma: Use-after-free in onig_new_deluxe in regext.c oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 8 |