CVE-2019-13224

critical
Description

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

References

https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55

https://lists.debian.org/debian-lts-announce/2019/07/msg00013.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/JWCPDTZOIUKGMFAD5NAKUB7FPJFAIQN5/

https://lists.fedoraproject.org/archives/list/[email protected]/message/SNL26OZSQRVLEO6JRNUVIMZTICXBNEQW/

https://support.f5.com/csp/article/K00103182

https://usn.ubuntu.com/4088-1/

Details

Source: MITRE

Published: 2019-07-10

Updated: 2019-07-17

Type: CWE-416

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

ID | Name | Product | Family | Severity
147682 | EulerOS Virtualization 2.9.0 : edk2 (EulerOS-SA-2021-1668) | Nessus | Huawei Local Security Checks | critical
147476 | EulerOS Virtualization 2.9.1 : edk2 (EulerOS-SA-2021-1633) | Nessus | Huawei Local Security Checks | critical
145957 | CentOS 8 : php:7.3 (CESA-2020:3662) | Nessus | CentOS Local Security Checks | critical
142352 | EulerOS 2.0 SP2 : php (EulerOS-SA-2020-2384) | Nessus | Huawei Local Security Checks | critical
140930 | Oracle Linux 7 : edk2 (ELSA-2020-5861) | Nessus | Oracle Linux Local Security Checks | critical
140834 | EulerOS 2.0 SP3 : php (EulerOS-SA-2020-2067) | Nessus | Huawei Local Security Checks | critical
140482 | Oracle Linux 8 : php:7.3 (ELSA-2020-3662) | Nessus | Oracle Linux Local Security Checks | critical
140396 | RHEL 8 : php:7.3 (RHSA-2020:3662) | Nessus | Red Hat Local Security Checks | critical
138010 | EulerOS Virtualization 3.0.6.0 : edk (EulerOS-SA-2020-1791) | Nessus | Huawei Local Security Checks | critical
130635 | GLSA-201911-03 : Oniguruma: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical
129565 | Amazon Linux AMI : oniguruma (ALAS-2019-1295) | Nessus | Amazon Linux Local Security Checks | critical
129445 | EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2019-2086) | Nessus | Huawei Local Security Checks | critical
129067 | Amazon Linux 2 : oniguruma (ALAS-2019-1288) | Nessus | Amazon Linux Local Security Checks | critical
129010 | Amazon Linux AMI : php71 / php73 (ALAS-2019-1283) | Nessus | Amazon Linux Local Security Checks | critical
98684 | PHP 7.1.x < 7.1.32 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical
98683 | PHP 7.2.x < 7.2.22 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical
98682 | PHP 7.3.x < 7.3.9 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical
128588 | FreeBSD : oniguruma -- multiple vulnerabilities (a8d87c7a-d1b1-11e9-a616-0992a4564e7c) | Nessus | FreeBSD Local Security Checks | critical
128531 | PHP 7.3.x < 7.3.9 Multiple Vulnerabilities | Nessus | CGI abuses | critical
128157 | Photon OS 3.0: Oniguruma PHSA-2019-3.0-0024 | Nessus | PhotonOS Local Security Checks | critical
127510 | Fedora 29 : oniguruma (2019-5409bb5e68) | Nessus | Fedora Local Security Checks | critical
127509 | Fedora 30 : oniguruma (2019-3f3d0953db) | Nessus | Fedora Local Security Checks | critical
126793 | Debian DLA-1854-1 : libonig security update | Nessus | Debian Local Security Checks | critical