[3.6] php7: Multiple vulnerabilities (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229)ID: oval:org.secpod.oval:def:1800817 | Date: (C)2018-03-28 (M)2024-05-09 |
Class: PATCH | Family: unix |
CVE-2017-9224: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at during regular expression searching. A logical error involving order of validation and access in match_at could result in an out-of-bounds read from a stack buffer. Fixed in: php 7.1.7
Platform: |
Alpine Linux 3.6 |