A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.
{ "vanir_signatures": [ { "deprecated": false, "source": "https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55", "target": { "file": "src/regext.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "144477375847041035196488014531602342496", "39487835141121000899975727629951651164", "243574904145470851950892010676215846309", "261101043450223522914619713906777460104", "192845130568107495712244117068883375560", "38824287918157113434026198298701563168", "44502028448723226475273193052058068900", "57330471737783644434537330796049609549", "265399586591815778503620908494229098639", "17751534671408493758106039438651136950", "42363307028960740653651765099861536532" ] }, "id": "CVE-2019-13224-69a60e05", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "source": "https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55", "target": { "function": "onig_new_deluxe", "file": "src/regext.c" }, "digest": { "function_hash": "16716532786252836573114105484968648519", "length": 884.0 }, "id": "CVE-2019-13224-b47700ae", "signature_version": "v1", "signature_type": "Function" } ] }