Showing 1 - 3 of 3

CVE-2019-13224

Status Candidate

Overview

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

Related Files

Red Hat Security Advisory 2020-3662-01: Posted Sep 8, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3662-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.; tags | advisory, web, overflow, php, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-13224, CVE-2019-13225, CVE-2019-16163, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2019-20454, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066; SHA-256 | 911f6bbed903dbddefb8bd0bba2f0d12e5864b3e566dea3d632a88ddb5ce9853; Download | Favorite | View

Gentoo Linux Security Advisory 201911-03: Posted Nov 8, 2019; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201911-3 - Multiple vulnerabilities have been found in Oniguruma, the worst of which could result in the arbitrary execution of code. Versions less than 6.9.3 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2019-13224, CVE-2019-13225; SHA-256 | ad8c3a8f3538270fa6278c5d84ad7b774902fd2be0fced00e9669cc6439d6c91; Download | Favorite | View

Ubuntu Security Notice USN-4088-1: Posted Aug 7, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4088-1 - It was discovered that PHP incorrectly handled certain regular expressions. An attacker could possibly use this issue to expose sensitive information, cause a denial of service or execute arbitrary code.; tags | advisory, denial of service, arbitrary, php; systems | linux, ubuntu; advisories | CVE-2019-13224; SHA-256 | dc28ef210c6e8c252367083a1a5c6515f27768aa4455ff5a3b255b7ce315d8d9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 147 files
Ubuntu 44 files
Matthias Deeg 17 files
malvuln 12 files
Google Security Research 5 files
Yvan Genuer 5 files
Steffen Robertz 4 files
Ashish Kumar 3 files
T. Weber 3 files
nu11secur1ty 3 files

File Archives

Systems

AIX (426)
Apple (1,883)
BSD (368)
CentOS (55)
Cisco (1,913)
Debian (5,948)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,152)
HPUX (878)
iOS (318)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (42,395)
Mac OS X (683)
Mandriva (3,105)
NetBSD (255)
OpenBSD (478)
RedHat (11,712)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (7,860)
UNIX (9,079)
UnixWare (185)
Windows (6,424)
Other

CVE-2019-13224

Overview

Related Files

File Archive:

July 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems