[3.5] oniguruma: Multiple vulnerabilities (CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228)| ID: oval:org.secpod.oval:def:1800910 | Date: (C)2018-03-28 (M)2024-04-17 |
| Class: PATCH | Family: unix |
CVE-2017-9224: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at during regular expression searching. A logical error involving order of validation and access in match_at could result in an out-of-bounds read from a stack buffer. Fixed In Version oniguruma 6.3.0
| Platform: |
| Alpine Linux 3.5 |
