RHSA-2020:3662
PUBLISHED
CVSS 6.5 MEDIUM
An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Risk Scores
CVSS 3.1
6.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| php | | |
| apcu | | |
| Red Hat Enterprise Linux AppStream (v. 8) | | |
| php:7.3:8020020200715124551:ceb1cf90 | | |
| libzip | | |
Exploit Intelligence
- Heap-buffer-overflow in Oniguruma (function fetch_interval_quantifier) (github-poc)
- An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read (github-poc)
- Heap-buffer-overflow in Oniguruma (function gb18030_mbc_enc_len) (github-poc)
…and 30 more exploits
Timeline
- Sep 8, 2020 CVE Published
- Mar 13, 2026 CVE Updated
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2020:3662 advisory
- https://access.redhat.com/security/updates/classification/#moderate url
- https://bugzilla.redhat.com/show_bug.cgi?id=1724152 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1724154 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1728965 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1728970 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1735494 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1739459 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1739465 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1768997 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1777537 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1786570 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1786572 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1788258 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1797776 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1797779 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1802061 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1802068 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1808532 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1808536 url
…and 5 more