Lucene search
FreeBSD2CE1A2F1-0177-11EF-A45E-08002784C58DHistoryApr 23, 2024 - 12:00 a.m.
ruby -- Arbitrary memory address read vulnerability with Regex search
2024-04-2300:00:00
vuxml.freebsd.org
12
ruby
regex
memory
address
vulnerability
heap
data
sensitive
strings
unix
7.3 High
AI Score
Confidence
Low
sp2ip reports:
If attacker-supplied data is provided to the Ruby regex
compiler, it is possible to extract arbitrary heap data
relative to the start of the text, including pointers and
sensitive strings.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | ruby | = 3.1.0,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby | < 3.1.5,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby31 | = 3.1.0,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby31 | < 3.1.5,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby32 | = 3.2.0,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby32 | < 3.2.4,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby33 | = 3.3.0,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby33 | < 3.3.1,1 | UNKNOWN |
Related
cvelist
cvelist
CVE-2024-27282
2024-05-08 20:40:42
cve
cve
CVE-2024-27282
2024-05-14 15:11:57
debiancve
debiancve
CVE-2024-27282
2024-05-14 15:11:57
ubuntucve
ubuntucve
CVE-2024-27282
2024-05-14 00:00:00
alpinelinux
alpinelinux
CVE-2024-27282
2024-05-14 15:11:57
redhatcve
redhatcve
CVE-2024-27282
2024-04-24 05:34:31
osv
osv
CVE-2024-27282
2024-05-14 15:11:57
ruby3.1 - security update
2024-05-03 00:00:00
nessus
nessus
FreeBSD : ruby -- Arbitrary memory address read vulnerability with Regex search (2ce1a2f1-0177-11ef-a45e-08002784c58d)
2024-04-24 00:00:00
Debian dsa-5677 : libruby3.1 - security update
2024-05-04 00:00:00
Fedora 40 : ruby (2024-14db7b21a2)
2024-05-02 00:00:00
debian
debian
[SECURITY] [DSA 5677-1] ruby3.1 security update
2024-05-03 19:47:30
slackware
slackware
[slackware-security] ruby
2024-04-23 22:33:22
openvas
openvas
Slackware: Security Advisory (SSA:2024-114-01)
2024-04-24 00:00:00
Debian: Security Advisory (DSA-5677-1)
2024-05-06 00:00:00
Mageia: Security Advisory (MGASA-2024-0160)
2024-05-09 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerabilities
2024-05-09 05:40:29
fedora
fedora
[SECURITY] Fedora 40 Update: ruby-3.3.1-7.fc40
2024-05-03 01:46:00
[SECURITY] Fedora 38 Update: ruby-3.2.4-182.fc38
2024-05-04 02:20:05
[SECURITY] Fedora 39 Update: ruby-3.2.4-182.fc39
2024-05-04 01:33:23
almalinux
almalinux
Moderate: ruby:3.0 security update
2024-05-30 00:00:00
redhat
redhat
(RHSA-2024:3500) Moderate: ruby:3.0 security update
2024-05-30 12:07:40
oraclelinux
oraclelinux
ruby:3.0 security update
2024-05-31 00:00:00