Vulnerability Details : CVE-2017-11465
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. NOTE: this might have security relevance as a bypass of a $SAFE protection mechanism.
Vulnerability category: Memory CorruptionDenial of service
Threat overview for CVE-2017-11465
Top countries where our scanners detected CVE-2017-11465
Top open port discovered on systems with this issue
8139
IPs affected by CVE-2017-11465 216
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2017-11465!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2017-11465
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less