Showing 1 - 4 of 4

CVE-2022-28738

Status Candidate

Overview

A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.

Related Files

Red Hat Security Advisory 2022-6855-01: Posted Oct 11, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6855-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include buffer overflow, denial of service, double free, and spoofing vulnerabilities.; tags | advisory, denial of service, overflow, spoof, vulnerability, ruby; systems | linux, redhat; advisories | CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739; SHA-256 | 23b2e4fec136d2b841752155cc897796ca8d6de598e56c894f584c758f0ea16e; Download | Favorite | View

Red Hat Security Advisory 2022-6585-01: Posted Sep 21, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a double free vulnerability.; tags | advisory, ruby; systems | linux, redhat; advisories | CVE-2022-28738, CVE-2022-28739; SHA-256 | 1ff122457a9752bdbfb6cb45ab90c6e6d019e61a2c3f8ef3642e2c8ea9b73161; Download | Favorite | View

Red Hat Security Advisory 2022-6450-01: Posted Sep 13, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6450-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service, double free, and spoofing vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability, ruby; systems | linux, redhat; advisories | CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739; SHA-256 | 64271aa943cadcf4f53769f49f2705c0658c289b46512a0840bf913803fc1cd1; Download | Favorite | View

Ubuntu Security Notice USN-5462-1: Posted Jun 7, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5462-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.; tags | advisory, arbitrary, ruby; systems | linux, ubuntu; advisories | CVE-2022-28738, CVE-2022-28739; SHA-256 | 93396c53d1b014d262f3aed6dacbfc8d58faaea61e4dae6cbadc94a05bec397a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 174 files
Ubuntu 100 files
indoushka 86 files
Debian 23 files
nu11secur1ty 19 files
CraCkEr 8 files
Google Security Research 7 files
Gentoo 7 files
Apple 6 files
EgiX 5 files

File Archives

Systems

AIX (428)
Apple (2,009)
BSD (373)
CentOS (57)
Cisco (1,925)
Debian (6,842)
Fedora (1,692)
FreeBSD (1,244)
Gentoo (4,329)
HPUX (879)
iOS (353)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,806)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,915)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,935)
UNIX (9,311)
UnixWare (186)
Windows (6,587)
Other

CVE-2022-28738

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems