A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.
References
Configurations
No configuration.
History
03 Jul 2024, 01:50
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-120 | |
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
14 May 2024, 15:11
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-14 15:11
Updated : 2024-07-03 01:50
NVD link : CVE-2024-27280
Mitre link : CVE-2024-27280
CVE.ORG link : CVE-2024-27280
JSON object : View
Products Affected
No product.
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')