Showing 1 - 1 of 1

CVE-2019-13224

Status Candidate

Overview

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

Related Files

Ubuntu Security Notice USN-4088-1: Posted Aug 7, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4088-1 - It was discovered that PHP incorrectly handled certain regular expressions. An attacker could possibly use this issue to expose sensitive information, cause a denial of service or execute arbitrary code.; tags | advisory, denial of service, arbitrary, php; systems | linux, ubuntu; advisories | CVE-2019-13224; MD5 | ed4b58bc7094ad86318294e6a345fed2; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 150 files
Ubuntu 49 files
Google Security Research 38 files
mjurczyk 21 files
Gentoo 20 files
Debian 19 files
Apple 13 files
natashenka 7 files
Daniel Bishtawi 6 files
qw3rTyTy 6 files

File Archives

Systems

AIX (414)
Apple (1,656)
BSD (358)
Cisco (1,857)
Debian (5,814)
Fedora (1,685)
FreeBSD (1,228)
Gentoo (3,708)
HPUX (869)
iOS (211)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (35,813)
Mac OS X (658)
Mandriva (3,105)
NetBSD (255)
OpenBSD (460)
RedHat (7,517)
Slackware (912)
Solaris (1,581)
SUSE (1,444)
Ubuntu (6,292)
UNIX (8,499)
UnixWare (176)
Windows (5,527)
Other

CVE-2019-13224

Overview

Related Files

File Archive:

August 2019

Top Authors In Last 30 Days

File Tags

File Archives

Systems