CVSS: 7.5EPSS: 3%CPEs: 24EXPL: 0CVE-2017-14033 – ruby: Buffer underrun in OpenSSL ASN1 decode
https://notcve.org/view.php?id=CVE-2017-14033
19 Sep 2017 — The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service (interpreter crash) via a crafted string. El método decode en el módulo OpenSSL::ASN1 en Ruby en versiones anteriores a la 2.2.8, versiones 2.3.x anteriores a 2.3.5, y 2.4.x hasta la 2.4.1 permite que los atacantes provoquen una denegación de servicio (cierre inesperado del intérprete) mediante una string manipulada. It was found that the decode method... • http://www.securityfocus.com/bid/100868 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 2CVE-2017-0898 – ruby: Buffer underrun vulnerability in Kernel.sprintf
https://notcve.org/view.php?id=CVE-2017-0898
15 Sep 2017 — Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap. Ruby, en versiones anteriores a la 2.4.2, 2.3.5 y 2.2.8, es vulnerable a una cadena de formato maliciosa qe contiene un especificador (*) con un valor grande negativo. Esta situación puede provocar un desbordamiento de búfer, provocando una ... • http://www.securityfocus.com/bid/100862 • CWE-122: Heap-based Buffer Overflow CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-6438
https://notcve.org/view.php?id=CVE-2014-6438
06 Sep 2017 — The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string. El método URI.decode_www_form_component en versiones de Ruby anteriores a la 1.9.2-p330 permite que atacantes remotos provoquen una denegación de servicio (expresión regular catastrófica, consumo de recursos o bloqueo de la aplicación) utilizando un string manipulado. • http://www.openwall.com/lists/oss-security/2015/07/13/6 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 29EXPL: 1CVE-2017-14064 – ruby: Arbitrary heap exposure during a JSON.generate call
https://notcve.org/view.php?id=CVE-2017-14064
31 Aug 2017 — Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. Ruby hasta la versión 2.2.7, 2.3.x hasta la 2.3.4, y 2.4.x hasta la 2.4.1 puede exponer memoria arbitraria durante una llamada JSON.generate. Los problemas surgen al usar strdup ... • http://www.securityfocus.com/bid/100890 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11465
https://notcve.org/view.php?id=CVE-2017-11465
19 Jul 2017 — The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism. La función parser_yyerror en el analizador UTF-8 de Ruby versión 2.4.1, permite a los atacantes causar una denegación de servicio (lectura o escritura no válidas) o posib... • https://bugs.ruby-lang.org/issues/13742 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1CVE-2015-9096 – Ubuntu Security Notice USN-3365-1
https://notcve.org/view.php?id=CVE-2015-9096
12 Jun 2017 — Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring. El modulo Net::SMTP de Ruby anterior a su versión 2.4.0 es vulnerable a la inyección de comandos SMTP mediante secuencias CRLF de los comandos "RCPT TO" o "MAIL FROM", como demuestra las secuencias CRLF inmediatamente antes y después de la substring DATA. It was discovered that Ruby DL::dlopen incorrectly... • http://www.mbsd.jp/Whitepaper/smtpi.pdf • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2017-9225
https://notcve.org/view.php?id=CVE-2017-9225
24 May 2017 — An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in unicode_unfold_key(). A malformed regular expression could result in 4 bytes being written off the end of a stack buffer of expand_case_fold_string() during the call to onigenc_unicode_get_case_fold_codes_by_str(), ... • https://github.com/kkos/oniguruma/commit/166a6c3999bf06b4de0ab4ce6b088a468cc4029f • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2017-9229 – oniguruma: Invalid pointer dereference in left_adjust_char_head()
https://notcve.org/view.php?id=CVE-2017-9229
24 May 2017 — An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition. Se descubrió un problema en Oniguruma versión 6.2.0, como es usado en Oniguruma-mod en Ruby hasta versión 2.4.1 y mbstring en PHP hasta versión 7... • https://access.redhat.com/errata/RHSA-2018:1296 • CWE-476: NULL Pointer Dereference CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6181
https://notcve.org/view.php?id=CVE-2017-6181
03 Apr 2017 — The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression. La función parse_char_class en regparse.c en la Onigmo (también conocida como Oniguruma-mod) libreria de expresión regular,como se utiliza en Ruby 2.4.0, permite a atacantes remotos provocar una denegación de servicio (recursión profunda y caída de la aplic... • http://www.securityfocus.com/bid/97304 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 22%CPEs: 23EXPL: 2CVE-2009-5147 – ruby: DL:: dlopen could open a library with tainted library name
https://notcve.org/view.php?id=CVE-2009-5147
29 Mar 2017 — DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names. DL::dlopen en Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 en versiones anteriores a patchlevel 648, y 2.1 en versiones anteriores a 2.1.8 abre librerías con nombres contaminados. It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries with tainted names. This issue only applied to Ubuntu 14.04 LTS. • https://github.com/vpereira/CVE-2009-5147 • CWE-20: Improper Input Validation CWE-267: Privilege Defined With Unsafe Actions •