Описание
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | ignored | end of life |
| precise | not-affected | 1.8.7.352-2ubuntu1.4 |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| utopic | DNE | |
| vivid | DNE | |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | ignored | end of life |
| precise | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| utopic | DNE | |
| vivid | DNE | |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.9.3.484-2ubuntu1.1]] |
| lucid | ignored | end of life |
| precise | released | 1.9.3.0-1ubuntu2.9 |
| trusty | released | 1.9.3.484-2ubuntu1.1 |
| trusty/esm | DNE | trusty was released [1.9.3.484-2ubuntu1.1] |
| upstream | needs-triage | |
| utopic | ignored | end of life |
| vivid | ignored | end of life |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.0.0.484-1ubuntu2.1]] |
| lucid | DNE | |
| precise | DNE | |
| trusty | released | 2.0.0.484-1ubuntu2.1 |
| trusty/esm | DNE | trusty was released [2.0.0.484-1ubuntu2.1] |
| upstream | needs-triage | |
| utopic | released | 2.0.0.484+really457-3ubuntu1.1 |
| vivid | DNE | |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.1.2-2ubuntu2 |
| esm-infra-legacy/trusty | DNE | |
| lucid | DNE | |
| precise | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| utopic | released | 2.1.2-2ubuntu1.1 |
| vivid | released | 2.1.2-2ubuntu2 |
| vivid/stable-phone-overlay | DNE |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and e ...
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
EPSS
5 Medium
CVSS2