Skip to main content

Ruby CVE-2017-14064

CRITICAL
Buffer Overflow (CWE-119)
2017-08-31 cve@mitre.org
9.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 31, 2017 - 17:29 cve.org
CRITICAL 9.8

DescriptionCVE.org

Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len.

AnalysisAI

Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. Affected products include: Ruby-Lang Ruby, Debian Debian Linux, Canonical Ubuntu Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server. Version information: through 2.2.7.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

More in Ruby

View all
CVE-2017-17405 HIGH POC
8.8 Dec 15

Ruby before 2.4.3 allows Net::FTP command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely expl

CVE-2017-17790 CRITICAL POC
9.8 Dec 20

The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injectio

CVE-2016-2336 CRITICAL POC
9.8 Jan 06

Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Rated critical severi

CVE-2016-2337 CRITICAL POC
9.8 Jan 06

Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Rated critical severity (CVSS 9.8), this vulnerabilit

CVE-2016-2339 CRITICAL POC
9.8 Jan 06

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Rub

CVE-2017-9225 CRITICAL POC
9.8 May 24

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7

CVE-2026-27614 CRITICAL POC
9.3 Feb 25

Stored XSS in Bugsink error tracking tool before 2.0.13 allows unauthenticated attackers to inject persistent scripts th

CVE-2017-0898 CRITICAL POC
9.1 Sep 15

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) w

CVE-2013-4164 MEDIUM POC
6.8 Nov 23

Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and tru

CVE-2019-16255 HIGH POC
8.1 Nov 26

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "c

CVE-2017-9229 HIGH POC
7.5 May 24

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7

CVE-2026-22589 HIGH POC
7.5 Jan 10

Spree versions up to 4.10.2 is affected by authorization bypass through user-controlled key (CVSS 7.5).

Share

CVE-2017-14064 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy