An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-21T20:06:59

Updated: 2024-08-05T02:09:39.577Z

Reserved: 2019-11-21T00:00:00

Link: CVE-2019-19203

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-21T21:15:11.497

Modified: 2024-11-21T04:34:19.243

Link: CVE-2019-19203

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-11-06T00:00:00Z

Links: CVE-2019-19203 - Bugzilla