Lucene search
Ubuntu.comUB:CVE-2024-27280HistoryMay 14, 2024 - 12:00 a.m.
CVE-2024-27280
2024-05-1400:00:00
ubuntu.com
ubuntu.com
14
buffer overread
vulnerability
stringio
unix
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in
Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc
methods on a StringIO can read past the end of a string, and a subsequent
call to StringIO.gets may return the memory value. 3.0.3 is the main fixed
version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1,
and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.
Notes
| Author | Note |
|---|---|
| mdeslaur | commit in 3.0.1.2 appears to be a bug fix which is unrelated to this CVE. |
Related
alpinelinux
alpinelinux
CVE-2024-27280
2024-05-14 15:11:56
cvelist
cvelist
CVE-2024-27280
1976-01-01 00:00:00
github
github
StringIO buffer overread vulnerability
2024-03-25 19:36:52
cve
cve
CVE-2024-27280
2024-05-14 15:11:56
cgr
cgr
CVE-2024-27280 vulnerabilities
2024-05-19 03:07:16
redhatcve
redhatcve
CVE-2024-27280
2024-03-21 18:15:36
osv
osv
StringIO buffer overread vulnerability
2024-03-25 19:36:52
CVE-2024-27280
2024-05-14 15:11:56
ruby3.1 - security update
2024-05-03 00:00:00
nvd
nvd
CVE-2024-27280
2024-05-14 15:11:56
vulnrichment
vulnrichment
CVE-2024-27280
1976-01-01 00:00:00
wolfi
wolfi
CVE-2024-27280 vulnerabilities
2024-06-26 09:08:30
debiancve
debiancve
CVE-2024-27280
2024-05-14 15:11:56
veracode
veracode
Buffer Over-read
2024-03-29 07:40:04
nessus
nessus
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1846)
2024-06-25 00:00:00
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1825)
2024-06-25 00:00:00
AlmaLinux 8 : ruby:3.3 (ALSA-2024:3670)
2024-06-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-1846)
2024-06-25 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-1825)
2024-06-25 00:00:00
Fedora: Security Advisory for ruby (FEDORA-2024-14db7b21a2)
2024-05-27 00:00:00
rocky
rocky
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 13:59:30
ruby:3.1 security, bug fix, and enhancement update
2024-06-14 14:00:40
ruby:3.3 security, bug fix, and enhancement update
2024-06-14 14:00:40
oraclelinux
oraclelinux
ruby:3.3 security, bug fix, and enhancement update
2024-06-07 00:00:00
ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
redhat
redhat
(RHSA-2024:3500) Moderate: ruby:3.0 security update
2024-05-30 12:07:40
debian
debian
[SECURITY] [DSA 5677-1] ruby3.1 security update
2024-05-03 19:47:30
slackware
slackware
[slackware-security] ruby
2024-04-23 22:33:22
almalinux
almalinux
Moderate: ruby:3.1 security, bug fix, and enhancement update
2024-06-03 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
Moderate: ruby:3.3 security, bug fix, and enhancement update
2024-06-06 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerabilities
2024-05-09 05:40:29
fedora
fedora
[SECURITY] Fedora 40 Update: ruby-3.3.1-7.fc40
2024-05-03 01:46:00
[SECURITY] Fedora 39 Update: ruby-3.2.4-182.fc39
2024-05-04 01:33:23
[SECURITY] Fedora 38 Update: ruby-3.2.4-182.fc38
2024-05-04 02:20:05
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0247
2024-04-16 00:00:00