CVE-2016-2338
published 2022-09-29CVE-2016-2338: An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer…
PriorityP353critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
4.64%
90.6th percentile
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
vendor_redhat9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r46x-xjwr-8v2g: An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby
ghsa_unreviewed·2022-09-30
CVE-2016-2338 [CRITICAL] CWE-787 GHSA-r46x-xjwr-8v2g: An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.
OSV
CVE-2016-2338: An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby
osv·2022-09-29·CVSS 9.8
CVE-2016-2338 [CRITICAL] CVE-2016-2338: An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.
Red Hat
ruby: heap buffer overflow in the Psych::Emitter start_document function
vendor_redhat·2022-09-29·CVSS 9.8
CVE-2016-2338 [CRITICAL] CWE-787 ruby: heap buffer overflow in the Psych::Emitter start_document function
ruby: heap buffer overflow in the Psych::Emitter start_document function
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.
An exploitable heap overflow vulnerability was found in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on the tags array length. A specially constructed object passed as elements of tags array can increase this array size after mentioned allocation, causing a heap overflow.
Pac
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.talosintelligence.com/reports/TALOS-2016-0032/https://lists.debian.org/debian-lts-announce/2020/03/msg00032.htmlhttps://security.netapp.com/advisory/ntap-20221228-0005/http://www.talosintelligence.com/reports/TALOS-2016-0032/https://lists.debian.org/debian-lts-announce/2020/03/msg00032.htmlhttps://security.netapp.com/advisory/ntap-20221228-0005/
2022-09-29
Published