CVE-2020-10933

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...

CVE-2020-10933

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...

PT-2020-2439

Name of the Vulnerable Software and Affected Versions Ruby versions 2.5.x through 2.5.7 Ruby versions 2.6.x through 2.6.5 Ruby version 2.7.0 Description An issue in Ruby may expose possibly sensitive data from the interpreter. This occurs when the BasicSocketread nonblock method is called with th...

PT-2019-4673 · Puma +9 · Puma +10

Name of the Vulnerable Software and Affected Versions: Ruby versions prior to 2.4.8 Ruby versions 2.5.x through 2.5.6 Ruby versions 2.6.x through 2.6.4 Puma versions prior to 3.12.3 Puma versions prior to 4.3.2 Description: The issue is related to incorrect handling of special elements in the...