Manhnd

Researcher fromThe Tarantula Team, VinCSS (a member of Vingroup)
#11135of 53,625
24.8Total CVSS
Vulnerabilities · 3
High
2
Critical
1
PT-2019-5886
9.8
2019-11-08
Oniguruma · Oniguruma · CVE-2019-19012
**Name of the Vulnerable Software and Affected Versions** Oniguruma versions 6.x through 6.9.4 rc2 **Description** The issue is related to an integer overflow in the `search in range` function, which can lead to an out-of-bounds read. The offset of this read is under the control of an attacker, allowing remote attackers to cause a denial-of-service or information disclosure. This could potentially have other unspecified impacts. The vulnerability is specific to the 32-bit compiled version of the software. **Recommendations** For Oniguruma versions 6.x through 6.9.4 rc2, update to version 6.9.4 rc2 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted regular expressions to minimize the risk of exploitation.
PT-2019-5887
7.5
2019-11-06
Oniguruma · Oniguruma · CVE-2019-19204
**Name of the Vulnerable Software and Affected Versions** Oniguruma versions prior to 6.9.4 rc2 **Description** The issue is related to the function `fetch interval quantifier` (formerly known as `fetch range quantifier`) in the Oniguruma library for regular expressions, which is associated with a heap-based buffer over-read. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For Oniguruma versions prior to 6.9.4 rc2, update to version 6.9.4 rc2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `fetch interval quantifier` function until a patch is available.
PT-2019-5904
7.5
2019-11-06
Oniguruma · Oniguruma · CVE-2019-19203
**Name of the Vulnerable Software and Affected Versions** Oniguruma versions prior to 6.9.4 rc2 **Description** The issue is related to a heap-based buffer over-read in the `gb18030 mbc enc len` function, located in the `gb18030.c` file. This occurs because a `UChar` pointer is dereferenced without checking if it has passed the end of the matched string. The vulnerability can be exploited by a remote attacker to cause a denial of service. **Recommendations** For Oniguruma versions prior to 6.9.4 rc2, update to version 6.9.4 rc2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `gb18030 mbc enc len` function until a patch is available.