CVE-2018-16396

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-16396
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-16396.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-16396
Downstream
Related
Published
2018-11-16T18:29:01.083Z
Modified
2025-11-14T03:33:50.872934Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.

References

Affected packages

Git / github.com/ruby/ruby

Affected ranges

Type
GIT
Repo
https://github.com/ruby/ruby
Events
Last affected
6f59db30c18cd793cbf6169301158493df7e78e4
Introduced
4e0a512972cdcbfcd5279f1a2a81ba342ed75b6e
Last affected
85883dc393f60adc3043d28899eff3f1ce53b4a5
Introduced
d40ea2afa6ff5a6e5befcf342fb7b6dc58796b20
Last affected
9bfe7fc5cb457c7bc8df96115ee70b9035f5d885
Introduced
d4bb726b713658f56e630b6cf817a0155b6f390e
Last affected
a8197e08f58c5f2e6d32a774866e0e0d58749911
Last affected
ce0e3fc1b10d1f5c5ad6bc31ba344904345468a2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-16396.json"