CVE-2021-41816 vulnerability in Canonical and Other Products
Published on February 6, 2022

CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2021-41816

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-41816 are published in these products:

Canonical Ubuntu Linux

Ruby Programming Language Cgi

Fedora Project Fedora

Exploit Probability

EPSS

0.56%

Percentile

67.99%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-41816 vulnerability in Canonical and Other ProductsPublished on February 6, 2022

Products Associated with CVE-2021-41816

Exploit Probability

CVE-2021-41816 vulnerability in Canonical and Other Products
Published on February 6, 2022