2 matches found
CVE-2017-16229
CVE-2017-16229 affects the Ox gem for Ruby (version 2.8.1). The vulnerability is a stack-based buffer over-read in sax_buf.c, in read_from_str, triggered by crafted input to sax_parse, which can cause the process to crash (denial of service). The available connected documents confirm the vulnerab...
CVE-2017-15928
Ox gem for Ruby (version 2.8.0) is affected by CVE-2017-15928: parsing crafted input with parse_obj can crash the process with a segmentation fault. The NVD entry provides CVSS vectors (2.0/3.0) and a base score of 5.0 (CVSS2) / 7.5 (CVSS3), indicating a high severity under CVSS3 but partial impa...