Buffer Overflow in Ruby's CGI Module Affecting Multiple Versions
CVE-2021-41816

9.8CRITICAL

Key Information:

Vendor: Ruby-lang
Status: Cgi
Vendor: CVE Published:; 6 February 2022

What is CVE-2021-41816?

The CGI.escape_html function in Ruby versions prior to 2.7.5 and 3.x versions before 3.0.3 is susceptible to an integer overflow that can lead to a buffer overflow when processing long strings. This vulnerability also impacts the CGI gem prior to version 0.3.1. The issue arises on platforms where size_t and long types vary in size, such as Windows. Exploiting this vulnerability could allow an attacker to run arbitrary code or cause a denial of service.

References

https://hackerone.com/reports/1328463

https://www.ruby-lang.org/en/news/2021/11/24/buffer-overr...

https://security-tracker.debian.org/tracker/CVE-2021-41816

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2022
Vulnerability Reserved
Sep 29, 2021

Ruby-lang

What is CVE-2021-41816?

References

CVSS V3.1

Timeline