​

CGA-rwv5-454x-4xjp

Published

Last updated

https://images.chainguard.dev/security/CGA-rwv5-454x-4xjp
Package

ruby-3.0

Latest Update
Not affected
Aliases
  • CVE-2021-41816
  • GHSA-5cqm-crxm-6qpv

Severity

9.8

Critical

CVSS V3

Summary

Buffer overrun in CGI.escape_html

Description

A buffer overrun vulnerability was discovered in CGI.escape_html. This can lead to a buffer overflow when a user passes a very large string (> 700 MB) to CGI.escape_html on a platform where the long type takes 4 bytes, typically Windows.

References

Updates


© 2024 Chainguard. All Rights Reserved.