[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-9227":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":33,"duplicate_of":9,"upstream":34,"downstream":35,"duplicates":56,"related":57,"reserved_at":9,"published_at":62,"modified_at":63,"state":64,"summary":65,"references_raw":73,"kevs":100,"epss":101,"epss_history":104,"metrics":377,"affected":386},"CVE-2017-9227","An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[24],{"_key":25,"name":26,"source":27,"url":28,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":32,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_KKOS_ONIGURUMA","Oniguruma","github","https://github.com/kkos/oniguruma/issues/57","poc",0.3,false,[],[],[],[36,38,40,42,44,46,48,50,52,54],{"_key":37},"ALPINE-CVE-2017-9227",{"_key":39},"SUSE-SU-2017:1717-1",{"_key":41},"SUSE-SU-2017:1585-1",{"_key":43},"SUSE-SU-2017:1662-1",{"_key":45},"DLA-958-1",{"_key":47},"MGASA-2017-0246",{"_key":49},"UBUNTU-CVE-2017-9227",{"_key":51},"USN-3382-1",{"_key":53},"DEBIAN-CVE-2017-9227",{"_key":55},"RHSA-2018:1296",[],[58,59,60,61],{"_key":39},{"_key":41},{"_key":43},{"_key":47},"2017-05-24T15:00:00.000Z","2024-08-05T17:02:44.162Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":66,"epss_score":67,"severity":68,"severity_score":69,"severity_version":70,"severity_source":71,"severity_vector":72,"severity_status":64},"low",0.00454,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[74,82,88,96],{"url":75,"sources":76,"tags":78},"https://access.redhat.com/errata/RHSA-2018:1296",[77,71],"cve.org",[79,80,81],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":83,"sources":84,"tags":85},"http://www.securityfocus.com/bid/100538",[77,71],[86,87,81],"VDB Entry","X Refsource BID",{"url":89,"sources":90,"tags":91},"https://github.com/kkos/oniguruma/issues/58",[77,71],[92,93,94,95,81],"X Refsource CONFIRM","Exploit","Issue Tracking","Patch",{"url":97,"sources":98,"tags":99},"https://github.com/kkos/oniguruma/commit/9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814",[77,71],[92,95,81],[],{"date":102,"score":67,"percentile":103},"2026-06-04",0.6412,[105,109,112,115,118,121,124,127,130,133,136,139,142,145,148,152,155,158,161,163,166,168,171,173,176,179,182,185,189,192,195,198,201,204,207,209,211,214,217,220,223,225,228,231,234,238,241,244,247,250,253,256,259,262,266,268,271,274,277,281,284,287,290,293,296,299,302,305,307,310,313,316,320,323,327,330,334,337,340,343,347,350,353,356,359,362,365,367,370,373],{"date":106,"score":107,"percentile":108},"2025-11-04",0.00482,0.64338,{"date":110,"score":107,"percentile":111},"2025-11-05",0.64319,{"date":113,"score":107,"percentile":114},"2025-11-06",0.64321,{"date":116,"score":107,"percentile":117},"2025-11-07",0.6433,{"date":119,"score":107,"percentile":120},"2025-11-08",0.64335,{"date":122,"score":107,"percentile":123},"2025-11-09",0.64326,{"date":125,"score":107,"percentile":126},"2025-11-10",0.64314,{"date":128,"score":107,"percentile":129},"2025-11-11",0.64324,{"date":131,"score":107,"percentile":132},"2025-11-12",0.64346,{"date":134,"score":107,"percentile":135},"2025-11-13",0.64352,{"date":137,"score":107,"percentile":138},"2025-11-14",0.64361,{"date":140,"score":107,"percentile":141},"2025-11-15",0.64356,{"date":143,"score":107,"percentile":144},"2025-11-16",0.64349,{"date":146,"score":107,"percentile":147},"2025-11-17",0.64345,{"date":149,"score":150,"percentile":151},"2025-11-18",0.02919,0.85144,{"date":153,"score":150,"percentile":154},"2025-11-19",0.85145,{"date":156,"score":150,"percentile":157},"2025-11-20",0.85148,{"date":159,"score":107,"percentile":160},"2025-11-21",0.64354,{"date":162,"score":107,"percentile":138},"2025-11-22",{"date":164,"score":107,"percentile":165},"2025-11-23",0.64344,{"date":167,"score":107,"percentile":120},"2025-11-24",{"date":169,"score":107,"percentile":170},"2025-11-25",0.64336,{"date":172,"score":107,"percentile":108},"2025-11-26",{"date":174,"score":107,"percentile":175},"2025-11-27",0.64342,{"date":177,"score":107,"percentile":178},"2025-11-28",0.64318,{"date":180,"score":107,"percentile":181},"2025-11-29",0.64288,{"date":183,"score":107,"percentile":184},"2025-11-30",0.64282,{"date":186,"score":187,"percentile":188},"2025-12-01",0.00257,0.48934,{"date":190,"score":187,"percentile":191},"2025-12-02",0.48951,{"date":193,"score":187,"percentile":194},"2025-12-03",0.48945,{"date":196,"score":107,"percentile":197},"2025-12-04",0.6429,{"date":199,"score":107,"percentile":200},"2025-12-05",0.64305,{"date":202,"score":107,"percentile":203},"2025-12-06",0.64303,{"date":205,"score":107,"percentile":206},"2025-12-07",0.64295,{"date":208,"score":107,"percentile":203},"2025-12-08",{"date":210,"score":107,"percentile":170},"2025-12-09",{"date":212,"score":107,"percentile":213},"2025-12-10",0.64384,{"date":215,"score":107,"percentile":216},"2025-12-11",0.64401,{"date":218,"score":107,"percentile":219},"2025-12-12",0.64419,{"date":221,"score":107,"percentile":222},"2025-12-13",0.64426,{"date":224,"score":107,"percentile":222},"2025-12-14",{"date":226,"score":107,"percentile":227},"2025-12-15",0.6442,{"date":229,"score":107,"percentile":230},"2025-12-16",0.64435,{"date":232,"score":107,"percentile":233},"2025-12-17",0.64449,{"date":235,"score":236,"percentile":237},"2025-12-18",0.00496,0.65092,{"date":239,"score":236,"percentile":240},"2025-12-19",0.65107,{"date":242,"score":236,"percentile":243},"2025-12-20",0.65104,{"date":245,"score":236,"percentile":246},"2025-12-21",0.65094,{"date":248,"score":236,"percentile":249},"2025-12-22",0.65088,{"date":251,"score":236,"percentile":252},"2025-12-23",0.65089,{"date":254,"score":236,"percentile":255},"2025-12-24",0.65096,{"date":257,"score":236,"percentile":258},"2025-12-25",0.65121,{"date":260,"score":236,"percentile":261},"2025-12-26",0.65122,{"date":263,"score":264,"percentile":265},"2025-12-27",0.00391,0.59602,{"date":267,"score":236,"percentile":255},"2025-12-28",{"date":269,"score":236,"percentile":270},"2025-12-29",0.65084,{"date":272,"score":236,"percentile":273},"2025-12-30",0.65101,{"date":275,"score":236,"percentile":276},"2025-12-31",0.65126,{"date":278,"score":279,"percentile":280},"2026-01-01",0.00264,0.49895,{"date":282,"score":279,"percentile":283},"2026-01-02",0.49875,{"date":285,"score":279,"percentile":286},"2026-01-03",0.49866,{"date":288,"score":236,"percentile":289},"2026-01-04",0.65127,{"date":291,"score":236,"percentile":292},"2026-01-05",0.65114,{"date":294,"score":236,"percentile":295},"2026-01-06",0.65111,{"date":297,"score":107,"percentile":298},"2026-01-07",0.64533,{"date":300,"score":107,"percentile":301},"2026-01-08",0.64553,{"date":303,"score":107,"percentile":304},"2026-01-09",0.64555,{"date":306,"score":107,"percentile":301},"2026-01-10",{"date":308,"score":107,"percentile":309},"2026-01-11",0.64542,{"date":311,"score":107,"percentile":312},"2026-01-12",0.64527,{"date":314,"score":107,"percentile":315},"2026-01-13",0.64522,{"date":317,"score":318,"percentile":319},"2026-01-14",0.00357,0.5743,{"date":321,"score":318,"percentile":322},"2026-01-15",0.57433,{"date":324,"score":325,"percentile":326},"2026-01-16",0.00485,0.64762,{"date":328,"score":325,"percentile":329},"2026-01-17",0.6475,{"date":331,"score":332,"percentile":333},"2026-01-18",0.0057,0.67992,{"date":335,"score":332,"percentile":336},"2026-01-19",0.67979,{"date":338,"score":332,"percentile":339},"2026-01-20",0.6799,{"date":341,"score":332,"percentile":342},"2026-01-21",0.67998,{"date":344,"score":345,"percentile":346},"2026-01-22",0.00499,0.65283,{"date":348,"score":345,"percentile":349},"2026-01-23",0.65316,{"date":351,"score":345,"percentile":352},"2026-01-24",0.65324,{"date":354,"score":345,"percentile":355},"2026-01-25",0.65293,{"date":357,"score":345,"percentile":358},"2026-01-26",0.65282,{"date":360,"score":345,"percentile":361},"2026-01-27",0.65291,{"date":363,"score":345,"percentile":364},"2026-01-28",0.65303,{"date":366,"score":345,"percentile":364},"2026-01-29",{"date":368,"score":345,"percentile":369},"2026-01-30",0.65311,{"date":371,"score":345,"percentile":372},"2026-01-31",0.65315,{"date":374,"score":375,"percentile":376},"2026-02-01",0.00249,0.48045,[378],{"source":71,"cvss_v2_0":379,"cvss_v3_0":9,"cvss_v3_1":384,"cvss_v4_0":9},{"baseScore":380,"baseSeverity":9,"vectorString":381,"impactScore":382,"exploitabilityScore":383},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":69,"baseSeverity":385,"vectorString":72,"impactScore":69,"exploitabilityScore":383},"CRITICAL",[387,395],{"ecosystem":9,"name":388,"vendor":389,"product":388,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":391},"oniguruma","oniguruma_project","a",[392],{"version":393,"is_range":31,"range_type":394,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.2.0","cpe",{"ecosystem":9,"name":396,"vendor":9,"product":396,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":397},"PHP",[398,405,409],{"version":399,"is_range":400,"range_type":394,"version_start":401,"version_start_type":402,"version_end":403,"version_end_type":404,"fixed_in":9},"gte5.6.0_lt5.6.31",true,"5.6.0","including","5.6.31","excluding",{"version":406,"is_range":400,"range_type":394,"version_start":407,"version_start_type":402,"version_end":408,"version_end_type":404,"fixed_in":9},"gte7.0.0_lt7.0.21","7.0.0","7.0.21",{"version":410,"is_range":400,"range_type":394,"version_start":411,"version_start_type":402,"version_end":412,"version_end_type":404,"fixed_in":9},"gte7.1.0_lt7.1.7","7.1.0","7.1.7"]