Lucene search
GoogleOSV:CVE-2022-28738HistoryMay 09, 2022 - 6:15 p.m.
CVE-2022-28738
2022-05-0918:15:08
Google
osv.dev
53
0.003 Low
EPSS
Percentile
70.6%
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ruby | eq | 1.8.7_p174-r2 | |
| ruby | eq | 1.8.7_p160-r2 | |
| ruby | eq | 2.1.5-r1 | |
| ruby | eq | 2.0.0_p247-r2 | |
| ruby | eq | 2.3.3-r3 | |
| ruby | eq | 2.6.3-r3 | |
| ruby | eq | 2.5.5-r3 | |
| ruby | eq | 2.0.0_p247-r3 | |
| ruby | eq | 3_0_1 | |
| ruby | eq | 2.6.5-r3 |
Related
ubuntucve
ubuntucve
CVE-2022-28738
2022-05-09 00:00:00
hackerone
hackerone
Internet Bug Bounty: CVE-2022-28738: Double free in Regexp compilation
2022-04-25 03:55:55
alpinelinux
alpinelinux
CVE-2022-28738
2022-05-09 18:15:08
prion
prion
Double free
2022-05-09 18:15:00
debiancve
debiancve
CVE-2022-28738
2022-05-09 18:15:08
cve
cve
CVE-2022-28738
2022-05-09 18:15:08
nessus
nessus
FreeBSD : Ruby -- Double free in Regexp compilation (f22144d7-bad1-11ec-9cfe-0800270512f4)
2022-04-13 00:00:00
AlmaLinux 9 : ruby (ALSA-2022:6585)
2022-11-16 00:00:00
Oracle Linux 9 : ruby (ELSA-2022-6585)
2022-09-21 00:00:00
freebsd
freebsd
Ruby -- Double free in Regexp compilation
2022-04-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-04-13 07:35:07
redhatcve
redhatcve
CVE-2022-28738
2022-04-14 21:55:08
osv
osv
BIT-ruby-2022-28738
2024-03-06 11:04:26
Moderate: ruby security, bug fix, and enhancement update
2022-09-20 11:36:12
ruby2.5, ruby2.7, ruby3.0 vulnerabilities
2022-06-06 17:23:28
nvd
nvd
CVE-2022-28738
2022-05-09 18:15:08
cvelist
cvelist
CVE-2022-28738
2022-05-09 00:00:00
rubygems
rubygems
Double free in Regexp compilation
2022-04-11 21:00:00
openvas
openvas
Fedora: Security Advisory for ruby (FEDORA-2022-a7ca6ee0cf)
2022-05-08 00:00:00
Slackware: Security Advisory (SSA:2022-103-01)
2022-04-21 00:00:00
Mageia: Security Advisory (MGASA-2022-0143)
2022-04-20 00:00:00
slackware
slackware
[slackware-security] ruby
2022-04-13 20:52:10
ubuntu
ubuntu
Ruby vulnerabilities
2022-06-06 00:00:00
almalinux
almalinux
Moderate: ruby security, bug fix, and enhancement update
2022-09-20 00:00:00
Moderate: ruby:3.0 security, bug fix, and enhancement update
2022-09-13 00:00:00
redhat
redhat
oraclelinux
oraclelinux
ruby security, bug fix, and enhancement update
2022-09-21 00:00:00
ruby:3.0 security, bug fix, and enhancement update
2022-09-15 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerability
2022-04-16 00:35:09
cloudfoundry
cloudfoundry
USN-5462-1: Ruby vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
rocky
rocky
ruby security, bug fix, and enhancement update
2022-09-20 11:36:12
ruby:3.0 security, bug fix, and enhancement update
2022-09-13 07:36:53
fedora
fedora
[SECURITY] Fedora 36 Update: ruby-3.1.2-164.fc36
2022-05-07 05:07:39
[SECURITY] Fedora 34 Update: ruby-3.0.4-153.fc34
2022-05-08 02:03:44
[SECURITY] Fedora 35 Update: ruby-3.0.4-153.fc35
2022-05-08 01:48:39
redos
redos
ROS-20220516-06
2022-05-16 00:00:00
gentoo
gentoo
Ruby: Multiple vulnerabilities
2024-01-24 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00