VDB

GCVE-VVD-MAGEIA-2019-253

GCVE-VVD-MAGEIA-2019-253
Advisory Published
Vulnetix · Advisory published September 6, 2019
Updated php packages fix security vulnerabilities: A use-after-free in onig_new_deluxe() in regext.c in the bundled Oniguruma allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression (CVE-2019-13224). A NULL Pointer Dereference in match_at() in regexec.c in the bundled Oniguruma allows attackers to potentially cause denial of service by providing a crafted regular expression (CVE-2019-13225). For other fixes in this update, see the referenced changelog.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaphp0 (affected), 7.3.9-1.mga7 (unaffected)

References

Updated php packages fix security vulnerabilities
advisory
Updated php packages fix security vulnerabilities
issue
Updated php packages fix security vulnerabilities
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›