Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1195)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-11465
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a...
CVE-2017-11465
CVE-2017-11465 concerns Ruby 2.4.1’s UTF-8 parser. The vulnerability lies in the function parser_yyerror (related to parser_tokadd_utf8 in parse.y), which can be triggered by a crafted script to cause a denial of service via invalid read/write and may have other impact, including potential bypass...
CVE-2017-11465
Removed by vendor...
Ruby: Ruby 2.4.1 has "Stack consistency error" and aborts when processing return statement within a case statement
Hi, I found the following file causes a ruby bug stating "Stack consistency error" and aborts. File: 0case when 0 return end xxd -g1 output of file 00000000: 30 3e 63 61 73 65 0a 77 68 65 6e 20 30 0a 72 65 0case.when 0.re 00000010: 74 75 72 6e 20 65 6e 64 0a turn end. ruby output: crash.rb:3: BUG...
CVE-2017-9227
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len during regular expression searching. Invalid handling of reg->dmin in forward_search_range could result in an invalid pointer...
CVE-2017-9229
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head during regular expression compilation. Invalid handling of reg->dmax in forward_search_range could result in an invalid pointer...