Your submission was sent successfully! Close

CVE-2019-13225

Published: 10 July 2019

A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
libonig
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
cosmic Not vulnerable
(code not present)
disco Ignored
(reached end-of-life)
eoan
Released (6.9.2-1)
precise Does not exist

trusty Not vulnerable
(code not present)
upstream
Released (6.9.2-1)
xenial Not vulnerable
(code not present)