CVE-2008-2376
CVSS v2.0
7.5 (High)
EPSS
2.05 % (89th)
Affected Products
2
Advisories
5
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
Weaknesses
- CWE-189
- Numeric Errors
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2008-07-09 00:41:00
(16 years ago) - Updated Date
-
2023-11-07 02:02:12
(10 months ago)
Affected Products
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...