CVE-2017-9229 vulnerability in Onigurumaproject and Other Products
Published on May 24, 2017

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition.

Vendor Advisory NVD

Products Associated with CVE-2017-9229

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2017-9229 are published in these products:

Onigurumaproject Oniguruma

Ruby Programming Language Ruby Language

PHP

Exploit Probability

EPSS

0.59%

Percentile

68.91%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-9229 vulnerability in Onigurumaproject and Other ProductsPublished on May 24, 2017

Products Associated with CVE-2017-9229

Exploit Probability

CVE-2017-9229 vulnerability in Onigurumaproject and Other Products
Published on May 24, 2017