Hackerone Ruby vulnerabilities

1 known vulnerability affecting hackerone/ruby.

Total CVEs

1

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL1

Vulnerabilities

Page 1 of 1

CVE-2017-0898CRITICALCVSS 9.1vVersions before 2.4.2, 2.3.5, and 2.2.82017-09-15

CVE-2017-0898 [CRITICAL] CWE-134 CVE-2017-0898: Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a prec Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.