20 matches found
Astra Linux - уязвимость в ruby2.5
A buffer-overread issue was discovered in StringIO 3.0.1, which is available in Ruby 3.0.x through 3.0.6, and in Ruby 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is...
Linux Distros Unpatched Vulnerability : CVE-2024-27280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods o...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
USN-6853-1: Ruby vulnerability
It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive information...
USN-6853-1 ruby2.7, ruby3.0, ruby3.1 vulnerability
It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive information...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ALPINE-CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
UBUNTU-CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
OESA-2024-1433 ruby security update
Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a...
The vulnerability of the ungetbyte and ungetc methods in the StringIO string handling utilities in the Ruby programming language allows attackers to compromise the confidentiality of the protected information.
The vulnerability of the ungetbyte and ungetc methods in the StringIO string handling utilities in the Ruby programming language is related to the occurrence of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the...
Buffer Over-read
stringio is vulnerable to Buffer over-read. The vulnerability is due to improper bounds checking in the ungetbyte and ungetc methods, It allows an attacker to potentially access uninitialized or freed memory content, leading to the exposure of sensitive data...
SUSE CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
CVE-2024-27280
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. Mitigation Mitigation for this issue is either not available or the currently availabl...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read due to the improper handling of the ungetbyte and ungetc methods on a StringIO object, which can read past the end of a string. An attacker can obtain sensitive information from memory by invoking StringIO.gets after...