CVE-2022-28738 is a vulnerability in Ruby Programming Language Ruby Language
Published on May 9, 2022

A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.

Vendor Advisory NVD

Products Associated with CVE-2022-28738

Want to know whenever a new CVE is published for Ruby Programming Language Ruby Language? stack.watch will email you.

Ruby Programming Language Ruby Language

Exploit Probability

EPSS

0.27%

Percentile

50.60%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-28738 is a vulnerability in Ruby Programming Language Ruby LanguagePublished on May 9, 2022

Products Associated with CVE-2022-28738

Exploit Probability

CVE-2022-28738 is a vulnerability in Ruby Programming Language Ruby Language
Published on May 9, 2022