CVE-2017-6181
N/A
N/A
Summary
The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://bugs.ruby-lang.org/issues/13234
- https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/57660
- http://www.securityfocus.com/bid/97304
References
- https://bugs.ruby-lang.org/issues/13234
- https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/57660
- http://www.securityfocus.com/bid/97304
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.