CVE-2017-11465

Name of the Vulnerable Software and Affected Versions Ruby versions 2.4.1

Description The issue is related to a buffer overflow in the parser yyerror function of the UTF-8 parser in the Ruby interpreter. This can be exploited by a remote attacker using a specially crafted Ruby script that interacts with the parser tokadd utf8 function, potentially leading to a denial of service or bypassing the $SAFE protection mechanism.

Recommendations For Ruby version 2.4.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.