Описание
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
| Релиз | Статус | Примечание |
|---|---|---|
| esm-infra/xenial | released | 2.3.1-2~ubuntu16.04.16+esm3 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.5.1-1ubuntu1.12 |
| esm-infra/bionic | released | 2.5.1-1ubuntu1.12 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| esm-infra/focal | released | 2.7.0-5ubuntu1.7 |
| focal | released | 2.7.0-5ubuntu1.7 |
| impish | released | 2.7.4-1ubuntu3.2 |
| jammy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| jammy | released | 3.0.2-7ubuntu2.1 |
| kinetic | not-affected | |
| upstream | released | 3.0.4-1 |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.
There is a buffer over-read in Ruby before 2.6.10 2.7.x before 2.7.6 3.x before 3.0.4 and 3.1.x before 3.1.2. It occurs in String-to-Float conversion including Kernel#Float and String#to_f.
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, ...
EPSS
4.3 Medium
CVSS2
7.5 High
CVSS3