Php

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:php:php:*:*:*:*:*:oniguruma-mod:*:*

part: a version: * update: *

VendorPhp (9aec2613-7a27-5ce5-8ac7-140851d8da4c)
ProductPhp (38640b93-5029-5cca-a025-ab7d01c98b51)
Edition*
Language*
Software edition*
Target softwareoniguruma-mod
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/php/php-src purl2cpe 2026-06-01 10:17:42.700391

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2017-9229 vulnerable 2026-06-03 14:37:41.186935 Details available
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition.
Published: 2017-05-24T15:00:00.000Z
Updated: 2024-08-05T17:02:44.157Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-9225 vulnerable 2026-06-03 14:37:41.184633 Details available
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in unicode_unfold_key(). A malformed regular expression could result in 4 bytes being written off the end of a stack buffer of expand_case_fold_string() during the call to onigenc_unicode_get_case_fold_codes_by_str(), a typical stack buffer overflow.
Published: 2017-05-24T15:00:00.000Z
Updated: 2024-09-17T03:07:00.571Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.