Integer Overflow or Wraparound in ruby3.0 | CVE-2021-41816

Threat Intelligence

1.1% (85^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-DEBIAN12-RUBY30-1933854
published1 Dec 2021
disclosed6 Feb 2022

Report a new vulnerability Found a mistake?

Introduced: 1 Dec 2021

CVE-2021-41816 (opens in a new tab) CWE-190 (opens in a new tab)

Amendment

The Debian security team deemed this advisory irrelevant for Debian:12.

NVD Description

Note: Versions mentioned in the description apply only to the upstream ruby3.0 package and not the ruby3.0 package as distributed by Debian.

CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby.

References

https://security-tracker.debian.org/tracker/CVE-2021-41816
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
https://hackerone.com/reports/1328463
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
https://security.gentoo.org/glsa/202401-27
https://security.netapp.com/advisory/ntap-20220303-0006/
https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816/

Integer Overflow or Wraparound The advisory has been revoked - it doesn't affect any version of package ruby3.0 (opens in a new tab)