Oniguruma up to and including 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oniguruma project oniguruma |
||
php php |
||
fedoraproject fedora 31 |
||
canonical ubuntu linux 14.04 |
||
debian debian linux 8.0 |