Count: 10
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2015-7551 The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression. | CVSS3: 8.4 | 0% Low | almost 10 years ago |
| CVE-2015-7551 The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression. | CVSS2: 2.6 | 0% Low | more than 16 years ago |
| CVE-2015-7551 The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression. | CVSS3: 8.4 | 0% Low | almost 10 years ago |
| CVE-2015-7551 The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby befor ... | CVSS3: 8.4 | 0% Low | almost 10 years ago |
| GHSA-m9xr-x5mq-4fp5 The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression. | CVSS3: 8.4 | 0% Low | more than 3 years ago |
| BDU:2016-00903 Ruby interpreter vulnerability that allows an attacker to cause a denial of service or execute arbitrary code | CVSS2: 4.6 | 0% Low | almost 10 years ago |
| openSUSE-SU-2017:0933-1 Security update for ruby2.2, ruby2.3 | | | almost 9 years ago |
| SUSE-SU-2017:0948-1 Security update for ruby | | | almost 9 years ago |
| openSUSE-SU-2017:1128-1 Security update for ruby2.1 | | | almost 9 years ago |
| SUSE-SU-2017:1067-1 Security update for ruby2.1 | | | almost 9 years ago |