cvedb.io
CVE-2017-15928
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-10-27T17:29:00.233 · Last modified 2026-06-17T01:08:29.310

Summary

In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault when a crafted input is supplied to parse_obj. NOTE: the vendor has stated "Ox should handle the error more gracefully" but has not confirmed a security implication.

Affected products

ox_project — ox

Does this affect you?

Add your gear to cvedb and we'll alert you only when ox_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.