Lucene search
K

4 matches found

Cvelist
Cvelist
added 2024/05/08 8:40 p.m.30 views

CVE-2024-27282

An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1...

7AI score0.00629EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/08 8:40 p.m.25 views

CVE-2024-27282

An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1...

6.8AI score0.00629EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/03 12:0 a.m.23 views

Fedora 39 : ruby (2024-31cac8b8ec)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-31cac8b8ec advisory. Upgrade to Ruby 3.2.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.8CVSS7.6AI score0.02637EPSS
Exploits0References6
RubySec
RubySec
added 2024/04/23 12:0 a.m.39 views

Arbitrary memory address read vulnerability with Regex search

If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. We recommend to update the Ruby to version 3.3.1 or later. In order to ensure compatibility with older Ruby...

6.6CVSS7.3AI score0.00629EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder