Total vulnerabilities in the database
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
| Software | From | Fixed in |
|---|---|---|
| oniguruma_project / oniguruma | - | 6.9.3.x |
| php / php | 7.3.0 | 7.3.10 |
| fedoraproject / fedora | 31 | 31.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| debian / debian_linux | 8.0 | 8.0.x |