Vulnerabilities > Ruby Lang > Ruby > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-01-06 CVE-2016-2336 Unspecified vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface.
network
low complexity
ruby-lang
critical
9.8
2017-01-06 CVE-2016-2337 Unspecified vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0
Type confusion exists in _cancel_eval Ruby's TclTkIp class method.
network
low complexity
ruby-lang
critical
9.8
2017-01-06 CVE-2016-2339 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby.
network
low complexity
ruby-lang CWE-119
critical
9.8