0.001 Low
EPSS
Percentile
40.7%
In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated “Ox should handle the error more gracefully” but has not confirmed a security implication.
parse_obj
github.com/ohler55/ox
github.com/ohler55/ox/issues/194
github.com/rubysec/ruby-advisory-db/blob/master/gems/ox/CVE-2017-15928.yml
nvd.nist.gov/vuln/detail/CVE-2017-15928
rubygems.org/gems/ox/versions/2.8.0