Description
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
Remediation
References
Related Vulnerabilities
Claroline Other Vulnerability (CVE-2005-1374)
WordPress Plugin API Bearer Auth Cross-Site Scripting (20181229)
WordPress Plugin Gallery PhotoBlocks Cross-Site Scripting (1.1.50)
WordPress 3.3.2 Multiple Vulnerabilities (3.3 - 3.3.2)
WordPress Plugin Child Theme Configurator Arbitrary File Disclosure (1.7.4)