Lucene search
Veracode Vulnerability DatabaseVERACODE:12755HistoryJan 15, 2019 - 9:21 a.m.
Information Disclosure
2019-01-1509:21:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.013 Low
EPSS
Percentile
85.7%
rh-ruby24-ruby is vulnerable to information disclosure attacks. The vulnerability exists as Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap.
Related
prion
prion
Information disclosure
2017-09-15 19:29:00
ubuntucve
ubuntucve
CVE-2017-0898
2017-09-15 00:00:00
redhatcve
redhatcve
CVE-2017-0898
2019-10-10 10:31:36
alpinelinux
alpinelinux
CVE-2017-0898
2017-09-15 19:29:00
osv
osv
CVE-2017-0898
2017-09-15 19:29:00
ruby1.8 - security update
2017-09-26 00:00:00
ruby2.3 - security update
2017-11-11 00:00:00
cvelist
cvelist
CVE-2017-0898
2017-09-15 00:00:00
nessus
nessus
Photon OS 1.0: Ruby PHSA-2017-0037
2019-02-07 00:00:00
Debian DLA-1113-1 : ruby1.8 security update
2017-09-27 00:00:00
Fedora 27 : ruby (2017-4166994614)
2018-01-15 00:00:00
nvd
nvd
CVE-2017-0898
2017-09-15 19:29:00
debiancve
debiancve
CVE-2017-0898
2017-09-15 19:29:00
hackerone
hackerone
Ruby: sprintf combined format string attack
2017-03-10 11:48:41
cve
cve
CVE-2017-0898
2017-09-15 19:29:00
openvas
openvas
Debian: Security Advisory (DLA-1113-1)
2018-02-06 00:00:00
Fedora Update for ruby FEDORA-2017-6e6f4f95e6
2017-12-29 00:00:00
Mageia: Security Advisory (MGASA-2017-0371)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DLA 1113-1] ruby1.8 security update
2017-09-26 21:16:42
[SECURITY] [DSA 4031-1] ruby2.3 security update
2017-11-11 14:46:00
[SECURITY] [DSA 4031-1] ruby2.3 security update
2017-11-11 14:46:00
fedora
fedora
[SECURITY] Fedora 26 Update: ruby-2.4.2-84.fc26
2017-12-26 16:32:32
[SECURITY] Fedora 27 Update: ruby-2.4.2-84.fc27
2017-10-02 14:27:35
mageia
mageia
Updated ruby packages fix security vulnerabilities
2017-10-18 23:19:34
freebsd
freebsd
ruby -- multiple vulnerabilities
2017-09-14 00:00:00
gentoo
gentoo
Ruby: Multiple vulnerabilities
2017-10-18 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2017-10-05 00:00:00
Ruby regression
2021-03-25 00:00:00
Ruby vulnerabilities
2018-06-13 00:00:00
slackware
slackware
[slackware-security] ruby
2017-09-18 19:20:47
redhat
redhat
(RHSA-2017:3485) Moderate: rh-ruby24-ruby security, bug fix, and enhancement update
2017-12-19 08:13:07
(RHSA-2018:0585) Important: rh-ruby23-ruby security, bug fix, and enhancement update
2018-03-26 09:13:23
(RHSA-2018:0378) Important: ruby security update
2018-02-28 16:24:33
photon
photon
Critical Photon OS Security Update - PHSA-2017-0076
2017-10-06 00:00:00
amazon
amazon
Medium: ruby22, ruby23
2017-10-02 17:01:00
Medium: ruby24
2017-10-26 17:01:00
ibm
ibm
Security Bulletin: Vulnerabilities in Ruby affect PowerKVM
2018-06-18 01:42:18
oraclelinux
oraclelinux
ruby security update
2018-02-28 00:00:00
centos
centos
ruby, rubygem, rubygems security update
2018-03-10 11:53:01
apple
apple
About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan - Apple Support
2020-07-28 05:29:11