Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:rubyzip_project:rubyzip:1.2.2:*:*:*:*:ruby:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-16892 |
In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption). Published: September 25, 2019; 6:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 7.1 HIGH |