exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2017-0898

около 8 лет назад

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.

CVSS3: 9.1

EPSS: Низкий

CVE-2017-0898

около 8 лет назад

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.

CVSS3: 6.5

EPSS: Низкий

CVE-2017-0898

около 8 лет назад

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.

CVSS3: 9.1

EPSS: Низкий

CVE-2017-0898

около 8 лет назад

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious forma ...

CVSS3: 9.1

EPSS: Низкий

GHSA-wvmx-3rv2-5jgf

больше 3 лет назад

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.

CVSS3: 9.1

EPSS: Низкий

ELSA-2018-0378

больше 7 лет назад

ELSA-2018-0378: ruby security update (IMPORTANT)

EPSS: Низкий

SUSE-SU-2020:1570-1

больше 5 лет назад

Security update for ruby2.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-0898 Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.	CVSS3: 9.1	1% Низкий	около 8 лет назад
CVE-2017-0898 Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.	CVSS3: 6.5	1% Низкий	около 8 лет назад
CVE-2017-0898 Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.	CVSS3: 9.1	1% Низкий	около 8 лет назад
CVE-2017-0898 Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious forma ...	CVSS3: 9.1	1% Низкий	около 8 лет назад
GHSA-wvmx-3rv2-5jgf Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.	CVSS3: 9.1	1% Низкий	больше 3 лет назад
ELSA-2018-0378 ELSA-2018-0378: ruby security update (IMPORTANT)			больше 7 лет назад
SUSE-SU-2020:1570-1 Security update for ruby2.1			больше 5 лет назад

Уязвимостей на страницу