CVE-2020-10933

{"id": "CVE-2020-10933", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-05-04T15:15:13.963", "references": [{"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/", "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20200625-0001/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2020/dsa-4721", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-908"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Ruby versiones 2.5.x hasta 2.5.7, versiones 2.6.x hasta 2.6.5, y versi\u00f3n 2.7.0. Si una v\u00edctima llama a BasicSocket#read_nonblock(requested_size, buffer, exception: false), el m\u00e9todo redimensiona el buffer para ajustarlo al tama\u00f1o requerido, pero ning\u00fan dato es copiado. Por lo tanto, la cadena del b\u00fafer proporciona el valor previo de la pila. Esto puede exponer datos posiblemente confidenciales del int\u00e9rprete."}], "lastModified": "2023-11-07T03:14:25.740", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F9FF206-523F-4E17-8BDB-67677576B376", "versionEndIncluding": "2.5.7", "versionStartIncluding": "2.5.0"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4FC67C1-28AC-4E34-A89C-33892FF0BEA2", "versionEndIncluding": "2.6.5", "versionStartIncluding": "2.6.0"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E0F180A-5E99-4040-8D78-4A6A0CF97FEA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}