CVE-2020-26159

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Oniguruma version 6.9.5 rev1

Description An issue exists where an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat opt exact str in src/regcomp.c.

Recommendations For Oniguruma version 6.9.5 rev1, consider updating to a newer version that addresses this issue, as the current version may allow an attacker to overflow a buffer by one byte. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-26159

DLA-2431-1

DLA-2431-2

MGASA-2020-0452

OPENSUSE-SU-2022_3327-1

OPENSUSE-SU-2024:11111-1

SUSE-SU-2022:3327-1

SUSE-SU-2024:2993-1

SUSE-SU-2024_2993-1

Affected Products

Oniguruma

Suse

CVE-2020-26159

Related Identifiers

Affected Products

References · 32