MiracleLinux 7 : ruby-2.0.0.648-39.0.3.el7.AXS7 (AXSA:2025-10921:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10921:03 advisory. CVE-2017-9226: fix a heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. CVE-2016-2338: fix heap overflo...

Medium: ruby

Issue Overview: An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can...

Amazon Linux 2 : ruby, --advisory ALAS2-2025-2990 (ALAS-2025-2990)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2990 advisory. An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter...

CVE-2016-2338

An exploitable heap overflow vulnerability was found in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on the tags array length. A specially constructed object passed as elements of tags array can increase th...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the startdocument function in psychemitter.c. Passing in a malicious tags array can trigger a crash. PoC: ruby require 'Psych' $tags = puts "+ Start" f = File.new"newfile", "w+" emitter = Psych::Emitter.new...

CVE-2016-2338

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

CVE-2016-2338

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

UBUNTU-CVE-2016-2338

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

Heap overflow

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

Exploitable heap overflow vulnerability exists in Ruby's Psych::Emitter start_document function

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

Debian: Security Advisory (DLA-2158-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2158-1 : ruby2.1 security update

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer 'head' allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

CVE-2016-2338

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

EUVD-2016-3422

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

PT-2020-8031 · Ruby · Ruby

Name of the Vulnerable Software and Affected Versions: Ruby affected versions not specified Description: A heap overflow issue exists in the Psych::Emitter start document function of Ruby. The heap buffer head allocation is based on the tags array length. A specially constructed object passed as ...

CVE-2016-2338

Removed by vendor...

Ruby Psych::Emitter start_document Heap Overflow Vulnerability

Talos Vulnerability Report TALOS-2016-0032 Ruby Psych::Emitter startdocument Heap Overflow Vulnerability June 14, 2016 CVE Number CVE-2016-2338 DESCRIPTION An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument...