Lucene search

[email protected]NVD:CVE-2017-14064

HistoryAug 31, 2017 - 5:29 p.m.

CVE-2017-14064

2017-08-3117:29:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.006

Percentile

78.5%

JSON

Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a ‘\0’ byte, returning a pointer to a string of length zero, which is not the length stored in space_len.

Affected configurations

Nvd

Node

ruby-langrubyRange≤2.2.7

ruby-langrubyMatch2.3.0

ruby-langrubyMatch2.3.0preview1

ruby-langrubyMatch2.3.0preview2

ruby-langrubyMatch2.3.1

ruby-langrubyMatch2.3.2

ruby-langrubyMatch2.3.3

ruby-langrubyMatch2.3.4

ruby-langrubyMatch2.4.0

ruby-langrubyMatch2.4.0preview1

ruby-langrubyMatch2.4.0preview2

ruby-langrubyMatch2.4.0preview3

ruby-langrubyMatch2.4.0rc1

ruby-langrubyMatch2.4.1

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

Node

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch17.10

Node

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch7.4

redhatenterprise_linux_server_ausMatch7.6

redhatenterprise_linux_server_eusMatch7.4

redhatenterprise_linux_server_eusMatch7.5

redhatenterprise_linux_server_eusMatch7.6

redhatenterprise_linux_server_tusMatch7.4

redhatenterprise_linux_server_tusMatch7.6

redhatenterprise_linux_workstationMatch7.0

VendorProductVersionCPE
ruby-langruby*cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
ruby-langruby2.3.0cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
ruby-langruby2.3.0cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
ruby-langruby2.3.0cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
ruby-langruby2.3.1cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
ruby-langruby2.3.2cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
ruby-langruby2.3.3cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
ruby-langruby2.3.4cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
ruby-langruby2.4.0cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
ruby-langruby2.4.0cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*

Vendor	Product	Version	CPE
ruby-lang	ruby	*	cpe:2.3:a:ruby-lang:ruby::::::::
ruby-lang	ruby	2.3.0	cpe:2.3:a:ruby-lang:ruby:2.3.0:::::::*
ruby-lang	ruby	2.3.0	cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1::::::
ruby-lang	ruby	2.3.0	cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2::::::
ruby-lang	ruby	2.3.1	cpe:2.3:a:ruby-lang:ruby:2.3.1:::::::*
ruby-lang	ruby	2.3.2	cpe:2.3:a:ruby-lang:ruby:2.3.2:::::::*
ruby-lang	ruby	2.3.3	cpe:2.3:a:ruby-lang:ruby:2.3.3:::::::*
ruby-lang	ruby	2.3.4	cpe:2.3:a:ruby-lang:ruby:2.3.4:::::::*
ruby-lang	ruby	2.4.0	cpe:2.3:a:ruby-lang:ruby:2.4.0:::::::*
ruby-lang	ruby	2.4.0	cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1::::::