Vulnerabilities > Ruby Lang > Ruby > 1.9.0.0

DATE CVE VULNERABILITY TITLE RISK
2008-06-24 CVE-2008-2664 Resource Management Errors vulnerability in multiple products
The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725.
network
low complexity
ruby-lang debian canonical CWE-399
7.8
7.8
2008-06-24 CVE-2008-2662 Numeric Errors vulnerability in multiple products
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725.
network
low complexity
ruby-lang debian canonical CWE-189
critical
 10.0
10