{"id":"CVE-2017-9227","details":"An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg-\u003edmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer.","modified":"2026-07-08T16:54:19.083058Z","published":"2017-05-24T15:29:00.323Z","related":["SUSE-SU-2017:1585-1","SUSE-SU-2017:1662-1","SUSE-SU-2017:1717-1"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100538"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"type":"FIX","url":"https://github.com/kkos/oniguruma/commit/9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814"},{"type":"FIX","url":"https://github.com/kkos/oniguruma/issues/58"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kkos/oniguruma","events":[{"introduced":"c4ce370f5754b34321c7f87cdc6f198864221eca"},{"last_affected":"c4ce370f5754b34321c7f87cdc6f198864221eca"},{"fixed":"9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814"}],"database_specific":{"extracted_events":[{"introduced":"6.2.0"},{"last_affected":"6.2.0"}],"source":["CPE_STRING","REFERENCES"],"cpe":"cpe:2.3:a:oniguruma_project:oniguruma:6.2.0:*:*:*:*:*:*:*"}}],"versions":["6.2.0","v6.2.0"],"database_specific":{"vanir_signatures":[{"digest":{"function_hash":"107256506076362528630293821856860722664","length":3055},"source":"https://github.com/kkos/oniguruma/commit/9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814","signature_version":"v1","id":"CVE-2017-9227-87db20c4","signature_type":"Function","target":{"function":"forward_search_range","file":"src/regexec.c"},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["244917375269462939977115246385469839147","260813193810532824259245784304712775384","120231572746728307893137213880243448934","118234623326047463135166462558158684412"]},"source":"https://github.com/kkos/oniguruma/commit/9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814","signature_version":"v1","id":"CVE-2017-9227-ce1115bb","signature_type":"Line","target":{"file":"src/regexec.c"},"deprecated":false}],"vanir_signatures_modified":"2026-07-08T16:54:19Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9227.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"fc1df8e7a6886e29a6ed5bef3f674ac61164e847"},{"fixed":"de96a08a90e480f1afb655bcfeac8ac28a14228e"},{"introduced":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"fixed":"8a79ce6c8b9d309573993ce332f3951ea1947e2f"},{"introduced":"0221e9f827632942225586687a33cfd554860d5e"},{"fixed":"73915a2bd61f21fd809b4d50af9aba950f43e807"}],"database_specific":{"extracted_events":[{"introduced":"5.6.0"},{"fixed":"5.6.31"},{"introduced":"7.0.0"},{"fixed":"7.0.21"},{"introduced":"7.1.0"},{"fixed":"7.1.7"}],"source":"CPE_RANGE","cpe":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"}}],"database_specific":{"vanir_signatures":[{"digest":{"function_hash":"233037532068098537505988791132617368492","length":13872},"source":"https://github.com/php/php-src/commit/73915a2bd61f21fd809b4d50af9aba950f43e807","signature_version":"v1","id":"CVE-2017-9227-343f4c1a","signature_type":"Function","target":{"function":"compile_bracket_matchingpath","file":"ext/pcre/pcrelib/pcre_jit_compile.c"},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["41612049881914751775057704412356952022","206133687184829194312361432760839012982","60469889591596012334583203454317370370","317056786488417399517652373716894105276"]},"source":"https://github.com/php/php-src/commit/73915a2bd61f21fd809b4d50af9aba950f43e807","signature_version":"v1","id":"CVE-2017-9227-cfd9dfdb","signature_type":"Line","target":{"file":"ext/pcre/pcrelib/pcre_jit_compile.c"},"deprecated":false}],"vanir_signatures_modified":"2026-07-08T16:54:19Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9227.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}