Search for packages
| purl | pkg:deb/debian/libonig@6.9.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1y4w-7sqk-aaad
Aliases: CVE-2019-13225 |
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. |
Affected by 0 other vulnerabilities. |
|
VCID-761z-8m2h-aaaq
Aliases: CVE-2019-13224 |
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. |
Affected by 0 other vulnerabilities. |
|
VCID-f16c-amc9-aaae
Aliases: CVE-2019-19012 |
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. |
Affected by 0 other vulnerabilities. |
|
VCID-gvfv-rq6n-aaaq
Aliases: CVE-2019-19204 |
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. |
Affected by 0 other vulnerabilities. |
|
VCID-mpjk-r7xj-aaaq
Aliases: CVE-2019-19246 |
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. |
Affected by 0 other vulnerabilities. |
|
VCID-tdpv-tbk4-aaag
Aliases: CVE-2019-19203 |
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. |
Affected by 0 other vulnerabilities. |
|
VCID-xe76-b24z-aaab
Aliases: CVE-2019-16163 |
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-22T16:25:51.622312+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 36.1.3 |
| 2025-06-22T10:52:57.169899+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | None | 36.1.3 |
| 2025-06-21T19:55:34.324064+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T13:38:21.679087+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | None | 36.1.3 |
| 2025-06-21T10:19:57.658387+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T08:36:02.835293+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 36.1.3 |
| 2025-06-21T06:13:12.649353+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T05:54:23.262248+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 36.1.3 |
| 2025-06-21T05:30:56.602243+00:00 | Debian Oval Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 36.1.3 |
| 2025-06-21T05:23:17.196835+00:00 | Debian Oval Importer | Affected by | VCID-761z-8m2h-aaaq | None | 36.1.3 |
| 2025-06-21T05:07:35.151937+00:00 | Debian Oval Importer | Affected by | VCID-xe76-b24z-aaab | None | 36.1.3 |
| 2025-06-21T04:30:32.590746+00:00 | Debian Oval Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 36.1.3 |
| 2025-06-21T04:29:17.940786+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T02:21:06.484947+00:00 | Debian Oval Importer | Affected by | VCID-f16c-amc9-aaae | None | 36.1.3 |
| 2025-06-21T02:12:58.175511+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | None | 36.1.3 |
| 2025-06-21T02:11:15.430608+00:00 | Debian Oval Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 36.1.3 |
| 2025-06-21T02:10:01.888813+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 36.1.3 |
| 2025-06-21T01:38:27.373669+00:00 | Debian Oval Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 36.1.3 |
| 2025-06-20T21:19:05.780519+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-08T13:12:05.326475+00:00 | Debian Oval Importer | Affected by | VCID-f16c-amc9-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T13:00:14.842862+00:00 | Debian Oval Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:11:30.678706+00:00 | Debian Oval Importer | Affected by | VCID-xe76-b24z-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-07T23:08:49.053988+00:00 | Debian Oval Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 36.1.0 |
| 2025-06-07T23:01:01.061435+00:00 | Debian Oval Importer | Affected by | VCID-761z-8m2h-aaaq | None | 36.1.0 |
| 2025-06-07T22:45:02.791122+00:00 | Debian Oval Importer | Affected by | VCID-xe76-b24z-aaab | None | 36.1.0 |
| 2025-06-07T22:06:56.986772+00:00 | Debian Oval Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 36.1.0 |
| 2025-06-07T19:44:55.889160+00:00 | Debian Oval Importer | Affected by | VCID-f16c-amc9-aaae | None | 36.1.0 |
| 2025-06-07T19:35:00.945579+00:00 | Debian Oval Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 36.1.0 |
| 2025-06-07T19:01:32.159987+00:00 | Debian Oval Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 36.1.0 |
| 2025-04-12T22:18:11.309829+00:00 | Debian Oval Importer | Affected by | VCID-mpjk-r7xj-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:26:09.724776+00:00 | Debian Oval Importer | Affected by | VCID-761z-8m2h-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:08:23.672659+00:00 | Debian Oval Importer | Affected by | VCID-tdpv-tbk4-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:27:52.606195+00:00 | Debian Oval Importer | Affected by | VCID-1y4w-7sqk-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:59:51.713711+00:00 | Debian Oval Importer | Affected by | VCID-f16c-amc9-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:47:36.860009+00:00 | Debian Oval Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:57:11.397445+00:00 | Debian Oval Importer | Affected by | VCID-xe76-b24z-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-07T21:40:51.956739+00:00 | Debian Oval Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 36.0.0 |
| 2025-04-07T21:33:01.923206+00:00 | Debian Oval Importer | Affected by | VCID-761z-8m2h-aaaq | None | 36.0.0 |
| 2025-04-07T21:16:53.947448+00:00 | Debian Oval Importer | Affected by | VCID-xe76-b24z-aaab | None | 36.0.0 |
| 2025-04-07T20:38:16.947609+00:00 | Debian Oval Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 36.0.0 |
| 2025-04-07T18:22:43.861201+00:00 | Debian Oval Importer | Affected by | VCID-f16c-amc9-aaae | None | 36.0.0 |
| 2025-04-07T18:12:43.206583+00:00 | Debian Oval Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 36.0.0 |
| 2025-04-07T17:39:23.655556+00:00 | Debian Oval Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 36.0.0 |
| 2025-04-07T07:48:47.115094+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-06T19:43:12.159890+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-06T09:36:15.179027+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 36.0.0 |
| 2025-04-06T04:12:55.848791+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | None | 36.0.0 |
| 2025-04-05T16:06:23.779134+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T10:10:53.714243+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | None | 36.0.0 |
| 2025-04-05T07:35:51.478175+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T05:51:59.326447+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 36.0.0 |
| 2025-04-05T03:28:03.542361+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T03:09:08.507727+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 36.0.0 |
| 2025-04-04T07:18:37.782509+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T04:58:39.665576+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | None | 36.0.0 |
| 2025-04-04T04:55:39.942494+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 36.0.0 |
| 2025-04-03T23:57:16.149420+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-02-19T08:25:31.264399+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-19T08:25:29.176829+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 35.1.0 |
| 2025-02-19T08:24:01.801799+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-19T08:23:59.698460+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 35.1.0 |
| 2025-02-19T08:23:56.803472+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 35.1.0 |
| 2025-02-19T08:23:56.030642+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-19T08:06:30.380156+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-19T08:06:28.300777+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | None | 35.1.0 |
| 2025-02-19T07:25:02.433251+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | None | 35.1.0 |
| 2025-02-19T07:25:01.720786+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-19T05:49:56.807304+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 35.1.0 |
| 2025-02-19T05:49:56.138542+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-19T05:49:54.084664+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-19T05:49:52.576172+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | None | 35.1.0 |
| 2024-04-24T15:22:54.545570+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T15:22:52.167861+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 34.0.0rc4 |
| 2024-04-24T15:21:14.202277+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T15:21:11.835823+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 34.0.0rc4 |
| 2024-04-24T15:21:06.590189+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 34.0.0rc4 |
| 2024-04-24T15:21:04.899694+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T15:09:49.306754+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T15:09:46.893895+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | None | 34.0.0rc4 |
| 2024-04-24T14:49:01.920477+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | None | 34.0.0rc4 |
| 2024-04-24T14:49:01.155167+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T14:09:38.909300+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 34.0.0rc4 |
| 2024-04-24T14:09:38.056902+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T14:09:35.517752+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T14:09:32.328027+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | None | 34.0.0rc4 |
| 2024-01-10T17:53:02.592561+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T17:53:00.123774+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 34.0.0rc2 |
| 2024-01-10T17:51:50.631326+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T17:51:47.968865+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 34.0.0rc2 |
| 2024-01-10T17:51:43.724262+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 34.0.0rc2 |
| 2024-01-10T17:51:42.535741+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T17:46:20.635320+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T17:46:15.181266+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | None | 34.0.0rc2 |
| 2024-01-10T17:32:00.778162+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | None | 34.0.0rc2 |
| 2024-01-10T17:31:59.927378+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T16:52:58.458295+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 34.0.0rc2 |
| 2024-01-10T16:52:56.850950+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T16:52:52.721960+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T16:52:50.361027+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | None | 34.0.0rc2 |
| 2024-01-04T07:26:49.976778+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T07:26:47.594730+00:00 | Debian Importer | Affected by | VCID-mpjk-r7xj-aaaq | None | 34.0.0rc1 |
| 2024-01-04T07:25:44.018394+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T07:25:41.456277+00:00 | Debian Importer | Affected by | VCID-gvfv-rq6n-aaaq | None | 34.0.0rc1 |
| 2024-01-04T07:25:38.228006+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | None | 34.0.0rc1 |
| 2024-01-04T07:25:37.427662+00:00 | Debian Importer | Affected by | VCID-tdpv-tbk4-aaag | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T07:21:20.235251+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T07:21:17.872103+00:00 | Debian Importer | Affected by | VCID-f16c-amc9-aaae | None | 34.0.0rc1 |
| 2024-01-04T07:08:52.592175+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | None | 34.0.0rc1 |
| 2024-01-04T07:08:51.736506+00:00 | Debian Importer | Affected by | VCID-xe76-b24z-aaab | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T06:34:20.844925+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | None | 34.0.0rc1 |
| 2024-01-04T06:34:20.086438+00:00 | Debian Importer | Affected by | VCID-1y4w-7sqk-aaad | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T06:34:17.403263+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T06:34:15.763182+00:00 | Debian Importer | Affected by | VCID-761z-8m2h-aaaq | None | 34.0.0rc1 |