CVE-2021-41816
CVSS v3.1: 9.8 (Critical)
CVSS v2.0: 7.5 (High)
EPSS: 1.25 % (86th)
Affected Products: 3
Advisories: 8
CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby.
Weaknesses
- CWE-190: Integer Overflow or Wraparound

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2022-02-06 21:15:07 (2 years ago)
Updated Date: 2024-01-24 05:15:11 (7 months ago)