EPSS: 0.013 (Low)
Percentile: 85.7%
A buffer underflow was found in Ruby's sprintf function. An attacker with the ability to control its format string parameter could send a specially crafted string that would disclose heap memory or crash the interpreter.
bugzilla.redhat.com/show_bug.cgi?id=1492015
www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/