Lucene search
Alpine Linux Development TeamALPINE:CVE-2024-27280HistoryMay 14, 2024 - 3:11 p.m.
CVE-2024-27280
2024-05-1415:11:56
Alpine Linux Development Team
security.alpinelinux.org
7
ruby 3.0.x
ruby 3.0.6
ruby 3.1.x
ruby 3.1.4
buffer-overread issue
stringio
ungetbyte
ungetc
stringio 3.0.1.1
stringio 3.0.1.2
memory values
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.
Related
cvelist
cvelist
CVE-2024-27280
1976-01-01 00:00:00
cve
cve
CVE-2024-27280
2024-05-14 15:11:56
github
github
StringIO buffer overread vulnerability
2024-03-25 19:36:52
cgr
cgr
CVE-2024-27280 vulnerabilities
2024-05-19 03:07:16
redhatcve
redhatcve
CVE-2024-27280
2024-03-21 18:15:36
ubuntucve
ubuntucve
CVE-2024-27280
2024-05-14 00:00:00
osv
osv
StringIO buffer overread vulnerability
2024-03-25 19:36:52
CVE-2024-27280
2024-05-14 15:11:56
ruby3.1 - security update
2024-05-03 00:00:00
vulnrichment
vulnrichment
CVE-2024-27280
1976-01-01 00:00:00
nvd
nvd
CVE-2024-27280
2024-05-14 15:11:56
wolfi
wolfi
CVE-2024-27280 vulnerabilities
2024-06-18 03:08:19
veracode
veracode
Buffer Over-read
2024-03-29 07:40:04
debiancve
debiancve
CVE-2024-27280
2024-05-14 15:11:56
redhat
redhat
(RHSA-2024:3500) Moderate: ruby:3.0 security update
2024-05-30 12:07:40
slackware
slackware
[slackware-security] ruby
2024-04-23 22:33:22
debian
debian
[SECURITY] [DSA 5677-1] ruby3.1 security update
2024-05-03 19:47:30
rocky
rocky
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 13:59:30
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 14:00:40
ruby:3.3 security, bug fix, and enhancement update
2024-06-14 14:00:40
oraclelinux
oraclelinux
ruby:3.3 security, bug fix, and enhancement update
2024-06-07 00:00:00
ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
ruby:3.1 security, bug fix, and enhancement update
2024-06-06 00:00:00
nessus
nessus
Debian dsa-5677 : libruby3.1 - security update
2024-05-04 00:00:00
AlmaLinux 8 : ruby:3.3 (ALSA-2024:3670)
2024-06-10 00:00:00
Rocky Linux 9 : ruby:3.3 (RLSA-2024:3671)
2024-06-14 00:00:00
openvas
openvas
Fedora: Security Advisory for ruby (FEDORA-2024-14db7b21a2)
2024-05-27 00:00:00
Slackware: Security Advisory (SSA:2024-114-01)
2024-04-24 00:00:00
Mageia: Security Advisory (MGASA-2024-0160)
2024-05-09 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerabilities
2024-05-09 05:40:29
almalinux
almalinux
Moderate: ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: ruby-3.3.1-7.fc40
2024-05-03 01:46:00
[SECURITY] Fedora 38 Update: ruby-3.2.4-182.fc38
2024-05-04 02:20:05
[SECURITY] Fedora 39 Update: ruby-3.2.4-182.fc39
2024-05-04 01:33:23
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0247
2024-04-16 00:00:00