Lucene search
RubySecRUBY:RUBY-2015-7551HistoryDec 15, 2015 - 9:00 p.m.
Unsafe tainted string usage in Fiddle and DL
2015-12-1521:00:00
RubySec
rubysec.com
19
There is an unsafe tainted string vulnerability in Fiddle and DL. This issue was
originally reported and fixed with CVE-2009-5147 in DL, but reappeared after DL
was reimplemented using Fiddle and libffi.
And, about DL, CVE-2009-5147 was fixed at Ruby 1.9.1, but not fixed at other
branches, then rubies which bundled DL except Ruby 1.9.1 are still vulnerable.
Related
osv
osv
ruby1.9.1 - security update
2015-08-26 00:00:00
ruby1.8 - security update
2015-08-26 00:00:00
debian
debian
[SECURITY] [DLA 300-1] ruby1.9.1 security update
2015-08-26 12:22:21
[SECURITY] [DLA 299-1] ruby1.8 security update
2015-08-26 12:22:01
cve
cve
CVE-2009-5147
2017-03-29 14:59:00
CVE-2015-7551
2016-03-24 01:59:00
openvas
openvas
Debian: Security Advisory (DLA-299-1)
2023-03-08 00:00:00
Debian: Security Advisory (DLA-300-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2016-0007)
2016-01-14 00:00:00
nessus
nessus
Debian DLA-300-1 : ruby1.9.1 security update
2015-08-27 00:00:00
Debian DLA-299-1 : ruby1.8 security update
2015-08-27 00:00:00
Fedora 22 : ruby-2.2.4-47.fc22 (2015-c4409eb73a)
2016-03-04 00:00:00
prion
prion
Design/Logic Flaw
2017-03-29 14:59:00
Design/Logic Flaw
2016-03-24 01:59:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:22:36
ubuntucve
ubuntucve
CVE-2015-7551
2016-03-23 00:00:00
CVE-2009-5147
2017-03-29 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerability
2016-01-12 12:13:53
fedora
fedora
[SECURITY] Fedora 22 Update: ruby-2.2.4-47.fc22
2016-01-08 03:36:39
[SECURITY] Fedora 23 Update: ruby-2.2.4-47.fc23
2015-12-29 22:26:04
freebsd
freebsd
Ruby -- unsafe tainted string vulnerability
2015-12-16 00:00:00
archlinux
archlinux
ruby: unsafe tainted string usage
2015-12-17 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2017-07-25 00:00:00
redhat
redhat
Related for RUBY:RUBY-2015-7551