CNNVD-202507-1712 Information

CNNVD ID

CNNVD-202507-1712

Related CVE

CVE-2025-24294

• CNNVD Published: 2025-07-12

Description (Chinese)

Ruby是松本行弘（Yukihiro Matsumoto）个人开发者的一种跨平台、面向对象的动态类型编程语言。 Ruby存在安全漏洞，该漏洞源于DNS数据包中解压缩域名长度检查不足，可能导致拒绝服务攻击。

Description (English)

Ruby is a cross-platform, object-oriented dynamic type programming language for the personal developer Yukihiro Matsumoto. Ruby had a security loophole, which stemmed from the inadequacy of decompressed domain name length checks in the DNS data package, which could lead to denial of service attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-07-12

Last Modified

2026-02-24

References

https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/ https://access.redhat.com/security/cve/cve-2025-24294

Patch

https://www.ruby-lang.org/en/downloads/