Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a leakage of its heap by the malicious specification of the format of sprintf method. If a script allows to accept any format from the outside, there is a risk to be spied the contents of the heap.
원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0898
원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0898
댓글 0
번호 | 제목 | 글쓴이 | 날짜 | 조회 수 |
---|---|---|---|---|
122 | CVE-2017-0033 | 관리자 | 2017.03.18 | 14 |
121 | CVE-2017-0072 | 관리자 | 2017.03.18 | 12 |
120 | CVE-2017-0034 | 관리자 | 2017.03.18 | 13 |
119 | CVE-2017-0070 | 관리자 | 2017.03.18 | 21 |
118 | CVE-2017-0069 | 관리자 | 2017.03.18 | 7 |
117 | CVE-2017-0073 | 관리자 | 2017.03.18 | 14 |
116 | CVE-2017-0067 | 관리자 | 2017.03.18 | 21 |
115 | CVE-2017-0066 | 관리자 | 2017.03.18 | 7 |
114 | CVE-2017-0068 | 관리자 | 2017.03.18 | 58 |
113 | CVE-2017-0063 | 관리자 | 2017.03.18 | 13 |
112 | CVE-2017-0062 | 관리자 | 2017.03.18 | 13 |
111 | CVE-2017-0065 | 관리자 | 2017.03.18 | 10 |
110 | CVE-2017-0060 | 관리자 | 2017.03.18 | 17 |
109 | CVE-2017-0059 | 관리자 | 2017.03.18 | 63 |
108 | CVE-2017-0061 | 관리자 | 2017.03.18 | 11 |