Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2017-11465HistoryJul 19, 2017 - 9:29 p.m.
CVE-2017-11465
2017-07-1921:29:00
Debian Security Bug Tracker
security-tracker.debian.org
8
EPSS
0.002
Percentile
56.7%
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | ruby2.3 | < 2.3.3-1+deb9u8 | ruby2.3_2.3.3-1+deb9u8_all.deb |
Related
redhatcve
redhatcve
CVE-2017-11465
2017-07-21 14:18:29
osv
osv
CVE-2017-11465
2017-07-19 21:29:00
cvelist
cvelist
CVE-2017-11465
2017-07-19 21:00:00
cve
cve
CVE-2017-11465
2017-07-19 21:29:00
prion
prion
Security feature bypass
2017-07-19 21:29:00
ubuntucve
ubuntucve
CVE-2017-11465
2017-07-19 00:00:00
nvd
nvd
CVE-2017-11465
2017-07-19 21:29:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0130
2019-02-13 00:00:00
Critical Photon OS Security Update - PHSA-2017-0076
2017-10-06 00:00:00