National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2017-14064

Change History

Initial Analysis - 9/13/2017 7:35:21 AM
Action Type Old Value New Value
Added CPE Configuration
OR
     *cpe:2.3:a:ruby-lang:ruby:2.2.7:*:*:*:*:*:*:* (and previous)
     *cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.3.0:preview1:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.3.0:preview2:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.3.1:*:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.3.2:*:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.3.3:*:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.3.4:*:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.4.0:preview1:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.4.0:preview2:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.4.0:preview3:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.4.0:rc1:*:*:*:*:*:*
     *cpe:2.3:a:ruby-lang:ruby:2.4.1:*:*:*:*:*:*:*
Added CVSS V2
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Changed Reference Type
https://bugs.ruby-lang.org/issues/13853 No Types Assigned
https://bugs.ruby-lang.org/issues/13853 Issue Tracking, Patch, Vendor Advisory
Added CWE
CWE-119
Changed Reference Type
https://hackerone.com/reports/209949 No Types Assigned
https://hackerone.com/reports/209949 Permissions Required, Third Party Advisory
Changed Reference Type
https://github.com/flori/json/commit/8f782fd8e181d9cfe9387ded43a5ca9692266b85 No Types Assigned
https://github.com/flori/json/commit/8f782fd8e181d9cfe9387ded43a5ca9692266b85 Issue Tracking, Patch, Third Party Advisory