Sha256: f07abfa9825c4190a15d4613b77d1c79c696b809a1c60492633597c154d949d0

Contents?: true

Size: 518 Bytes

Versions: 6

Compression:

Stored size: 518 Bytes

Contents

---
engine: ruby
cve: 2011-1005
osvdb: 70957
url: http://www.osvdb.org/show/osvdb/70957
title: Ruby Exception#to_s Method Safe Level Security Bypass
date: 2011-02-18
description: |
  Ruby contains a flaw related to the safe-level feature. The issue is
  triggered when a context-dependent attacker exploits a flaw within the exception
  '#to_s' handling. This may allow an attacker to bypass safe-level protection and
  modify strings via the 'Exception#to_s' method.
cvss_v2: 4.3
patched_versions:
  - ">= 1.8.7.334"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/rubies/ruby/CVE-2011-1005.yml
bundler-budit-0.6.2 data/ruby-advisory-db/rubies/ruby/OSVDB-70957.yml
bundler-budit-0.6.1 data/ruby-advisory-db/rubies/ruby/OSVDB-70957.yml
bundler-audit-0.6.1 data/ruby-advisory-db/rubies/ruby/OSVDB-70957.yml
bundler-audit-0.6.0 data/ruby-advisory-db/rubies/ruby/OSVDB-70957.yml
bundler-audit-0.5.0 data/ruby-advisory-db/rubies/ruby/OSVDB-70957.yml