Описание
In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated "Ox should handle the error more gracefully" but has not confirmed a security implication.
Ссылки
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ox_project:ox:2.8.0:*:*:*:*:ruby:*:*
EPSS
Процентиль: 64%
0.00459
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 8 лет назад
In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated "Ox should handle the error more gracefully" but has not confirmed a security implication.
CVSS3: 7.5
debian
больше 8 лет назад
In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation ...
EPSS
Процентиль: 64%
0.00459
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20