CVE-2024-27282

Vulnerability Summary

Arbitrary memory address read vulnerability with Regex search in Ruby. An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings.

Vendor Advisories

Debian Bug report logs - #1069968
ruby32: CVE-2024-27282
Package: src:ruby32; Maintainer for src:ruby32 is Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 27 Apr 2024 20:27:02 UTC
Severity: grave
Tags: security, upstream
Foun ...