Количество 13
Количество 13
CVE-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.
CVE-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.
CVE-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.
CVE-2020-10933
CVE-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6 ...
GHSA-g5hm-28jr-53fh
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.
BDU:2020-02445
Уязвимость функций BasicSocket#recv_nonblock и BasicSocket#read_nonblock интерпретатора языка программирования Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
openSUSE-SU-2020:0586-1
Security update for ruby2.5
SUSE-SU-2020:0995-1
Security update for ruby2.5
RLSA-2021:2587
Moderate: ruby:2.5 security, bug fix, and enhancement update
ELSA-2021-2587
ELSA-2021-2587: ruby:2.5 security, bug fix, and enhancement update (MODERATE)
RLSA-2021:2588
Moderate: ruby:2.6 security, bug fix, and enhancement update
ELSA-2021-2588
ELSA-2021-2588: ruby:2.6 security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-10933 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. | CVSS3: 5.3 | 0% Низкий | больше 5 лет назад |
 | CVE-2020-10933 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. | CVSS3: 5.3 | 0% Низкий | больше 5 лет назад |
 | CVE-2020-10933 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. | CVSS3: 5.3 | 0% Низкий | больше 5 лет назад |
 | CVSS3: 5.3 | 0% Низкий | почти 5 лет назад | |
| CVE-2020-10933 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6 ... | CVSS3: 5.3 | 0% Низкий | больше 5 лет назад |
| GHSA-g5hm-28jr-53fh An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
 | BDU:2020-02445 Уязвимость функций BasicSocket#recv_nonblock и BasicSocket#read_nonblock интерпретатора языка программирования Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 5.3 | 0% Низкий | больше 5 лет назад |
 | openSUSE-SU-2020:0586-1 Security update for ruby2.5 | больше 5 лет назад | ||
| SUSE-SU-2020:0995-1 Security update for ruby2.5 | больше 5 лет назад | ||
 | RLSA-2021:2587 Moderate: ruby:2.5 security, bug fix, and enhancement update | около 4 лет назад | ||
| ELSA-2021-2587 ELSA-2021-2587: ruby:2.5 security, bug fix, and enhancement update (MODERATE) | около 4 лет назад | ||
| RLSA-2021:2588 Moderate: ruby:2.6 security, bug fix, and enhancement update | около 4 лет назад | ||
| ELSA-2021-2588 ELSA-2021-2588: ruby:2.6 security, bug fix, and enhancement update (MODERATE) | около 4 лет назад |
Уязвимостей на страницу