23 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-27281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdocoptions used for configuration in RDoc as a YAM...
RHSA-2022:6450 Red Hat Security Advisory: ruby:3.0 security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2024:3500 Red Hat Security Advisory: ruby:3.0 security update
Bulletin has no description...
AlmaLinux 8 : ruby:3.0 (ALSA-2024:3500)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3500 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time CVE-2023-287...
ALPINE-CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
CVE-2024-27280 vulnerabilities
Vulnerabilities for packages: ruby...
CVE-2024-27280 vulnerabilities
Vulnerabilities for packages: ruby...
CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
GHSA-V5H6-C2HV-HV3R StringIO buffer overread vulnerability
An issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. This vulnerability is not affected...
GHSA-V5H6-C2HV-HV3R vulnerabilities
Vulnerabilities for packages: ruby...
GHSA-V5H6-C2HV-HV3R vulnerabilities
Vulnerabilities for packages: ruby...
Buffer overread vulnerability in StringIO
An issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. This vulnerability is not affected...
GHSA-FG7X-G82R-94QC vulnerabilities
Vulnerabilities for packages: ruby...
CVE-2023-28756 vulnerabilities
Vulnerabilities for packages: ruby...
GHSA-VC47-6RQG-C7F5 vulnerabilities
Vulnerabilities for packages: ruby...
GHSA-VC47-6RQG-C7F5 vulnerabilities
Vulnerabilities for packages: ruby...
CVE-2021-33621 vulnerabilities
Vulnerabilities for packages: ruby...
CVE-2021-33621 vulnerabilities
Vulnerabilities for packages: ruby...