Lucene search
Redhat.comRH:CVE-2016-2337HistoryJan 12, 2017 - 2:50 p.m.
CVE-2016-2337
2017-01-1214:50:37
redhat.com
access.redhat.com
14
EPSS
0.041
Percentile
92.3%
Type confusion exists in _cancel_eval Ruby’s TclTkIp class method. Attacker passing different type of object than String as “retval” argument can cause arbitrary code execution.
Related
osv
osv
CVE-2016-2337
2017-01-06 21:59:00
ruby2.1 - security update
2018-08-27 00:00:00
debiancve
debiancve
CVE-2016-2337
2017-01-06 21:59:00
nvd
nvd
CVE-2016-2337
2017-01-06 21:59:00
cve
cve
CVE-2016-2337
2017-01-06 21:59:00
seebug
seebug
Ruby TclTkIp ip_cancel_eval Type Confusion Vulnerabilities(CVE-2016-2337)
2017-10-20 00:00:00
cvelist
cvelist
CVE-2016-2337
2017-01-06 21:00:00
talos
talos
Ruby TclTkIp ip_cancel_eval Type Confusion Vulnerabilities
2016-06-14 00:00:00
ubuntucve
ubuntucve
CVE-2016-2337
2017-01-06 00:00:00
prion
prion
Type confusion
2017-01-06 21:59:00
nessus
nessus
EulerOS 2.0 SP1 : ruby (EulerOS-SA-2017-1050)
2017-05-01 00:00:00
Debian DLA-1480-1 : ruby2.1 security update
2018-08-29 00:00:00
EulerOS 2.0 SP2 : ruby (EulerOS-SA-2017-1051)
2017-05-01 00:00:00
debian
debian
[SECURITY] [DLA 1480-1] ruby2.1 security update
2018-08-27 20:25:50
openvas
openvas
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2017-1051)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2017-0290)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-1480-1)
2018-09-02 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerabilities
2017-08-20 12:10:44
gentoo
gentoo
Ruby: Multiple vulnerabilities
2017-10-18 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2017-07-25 00:00:00