Lucene search
GoogleOSV:CVE-2024-27280HistoryMay 14, 2024 - 3:11 p.m.
CVE-2024-27280
2024-05-1415:11:56
Google
osv.dev
5
cve-2024-27280
ruby 3.0.x
ruby 3.1.x
stringio
buffer-overread
fixed version
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ruby | eq | 2.6.5-r3 | |
| ruby | eq | 1.9.3_p374-r0 | |
| ruby | eq | 2.4.3-r3 | |
| ruby | eq | 2.5.3-r3 | |
| ruby | eq | 2.0.0_p247-r3 | |
| ruby | eq | 1.8.7_p160-r2 | |
| ruby | eq | 2.6.3-r3 | |
| ruby | eq | 2.3.3-r2 | |
| ruby | eq | 3.0.2-r3 | |
| ruby | eq | 1.9.3_p286-r2 |
Related
alpinelinux
alpinelinux
CVE-2024-27280
2024-05-14 15:11:56
cvelist
cvelist
CVE-2024-27280
1976-01-01 00:00:00
github
github
StringIO buffer overread vulnerability
2024-03-25 19:36:52
cve
cve
CVE-2024-27280
2024-05-14 15:11:56
cgr
cgr
CVE-2024-27280 vulnerabilities
2024-05-19 03:07:16
redhatcve
redhatcve
CVE-2024-27280
2024-03-21 18:15:36
osv
osv
StringIO buffer overread vulnerability
2024-03-25 19:36:52
ruby3.1 - security update
2024-05-03 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
nvd
nvd
CVE-2024-27280
2024-05-14 15:11:56
ubuntucve
ubuntucve
CVE-2024-27280
2024-05-14 00:00:00
vulnrichment
vulnrichment
CVE-2024-27280
1976-01-01 00:00:00
wolfi
wolfi
CVE-2024-27280 vulnerabilities
2024-06-26 09:08:30
debiancve
debiancve
CVE-2024-27280
2024-05-14 15:11:56
veracode
veracode
Buffer Over-read
2024-03-29 07:40:04
nessus
nessus
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1846)
2024-06-25 00:00:00
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1825)
2024-06-25 00:00:00
AlmaLinux 8 : ruby:3.3 (ALSA-2024:3670)
2024-06-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-1846)
2024-06-25 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-1825)
2024-06-25 00:00:00
Fedora: Security Advisory for ruby (FEDORA-2024-14db7b21a2)
2024-05-27 00:00:00
rocky
rocky
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 13:59:30
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 14:00:40
ruby:3.3 security, bug fix, and enhancement update
2024-06-14 14:00:40
oraclelinux
oraclelinux
ruby:3.3 security, bug fix, and enhancement update
2024-06-07 00:00:00
ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
redhat
redhat
(RHSA-2024:3500) Moderate: ruby:3.0 security update
2024-05-30 12:07:40
debian
debian
[SECURITY] [DSA 5677-1] ruby3.1 security update
2024-05-03 19:47:30
slackware
slackware
[slackware-security] ruby
2024-04-23 22:33:22
almalinux
almalinux
Moderate: ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerabilities
2024-05-09 05:40:29
fedora
fedora
[SECURITY] Fedora 40 Update: ruby-3.3.1-7.fc40
2024-05-03 01:46:00
[SECURITY] Fedora 38 Update: ruby-3.2.4-182.fc38
2024-05-04 02:20:05
[SECURITY] Fedora 39 Update: ruby-3.2.4-182.fc39
2024-05-04 01:33:23
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0247
2024-04-16 00:00:00