Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-27282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap da...

6.6CVSS7.2AI score0.00629EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/05/14 7:0 a.m.4 views

An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler it is possible to extract arbitrary heap data relative to the start of the text including pointers and sensitive strings. The fixed versions are 3.0.7 3.1.5 3.2.4 and 3.3.1.

...

6.6CVSS7.4AI score0.00629EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/04 12:0 a.m.30 views

Debian dsa-5677 : libruby3.1 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5677 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5677-1 [email protected] https://www.debian.org/securit...

9.8CVSS7.4AI score0.02364EPSS
Exploits0References8
RubySec
RubySec
added 2024/04/23 12:0 a.m.39 views

Arbitrary memory address read vulnerability with Regex search

If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. We recommend to update the Ruby to version 3.3.1 or later. In order to ensure compatibility with older Ruby...

6.6CVSS7.3AI score0.00629EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2008/10/21 2:52 p.m.4 views

ruby: Memory allocation failure in Ruby regex engine (remotely exploitable DoS)

The regular expression engine regex.c in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service infinite loop and crash via multiple long requests to a Ruby socket, related to memory allocation failure...

5CVSS7.2AI score0.15678EPSS
Exploits1References4
Snyk
Snyk
added 2008/08/14 11:41 p.m.5 views

Resource Management Errors

Overview Affected versions of this package are vulnerable to Resource Management Errors. The regular expression engine regex.c in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service infinite loop an...

5.3CVSS6.9AI score0.15678EPSS
Exploits1References2
Rows per page
Query Builder