CVE-2011-1005
CVSS v2.0
5 (Medium)
EPSS
1.08 % (85th)
Affected Products
1
Advisories
9
The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2011-03-02 20:00:01
(13 years ago) - Updated Date
-
2013-08-13 17:00:09
(11 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...