Vulnerabilities > Ruby Lang > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-24 | CVE-2017-9225 | Out-of-bounds Write vulnerability in multiple products. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. | 9.8 |
2017-01-06 | CVE-2016-2339 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0. An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. | 9.8 |
2017-01-06 | CVE-2016-2337 | Unspecified vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0. Type confusion exists in _cancel_eval Ruby's TclTkIp class method. | 9.8 |
2017-01-06 | CVE-2016-2336 | Unspecified vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0. Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. | 9.8 |