ELSA-2020-5861: edk2 security update (IMPORTANT)

ELSA-2020-5746: edk2 security update (IMPORTANT)

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 a ...

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.

Уязвимость функции onig_new_deluxe библиотеки регулярных выражений для многобайтовых строк libonig, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и нарушить ее целостность и доступность

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

Insufficient memory write check in SMM service for EDK II may allow an ...

Moderate: php:7.3 security, bug fix, and enhancement update

ELSA-2020-3662: php:7.3 security, bug fix, and enhancement update (MODERATE)

ELSA-2024-0889: oniguruma security update (MODERATE)

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

Security update for oniguruma

Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.

Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.

Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.