This vulnerability has been modified and is currently undergoing reanalysis. Please check back soon to view the updated vulnerability summary.
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.
CVSS 3.x Severity and Metrics:
CVSS 2.0 Severity and Metrics: