CVE-2017-16229

EPSS 0.17% · P37 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-16229

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based buffer over-read in the read_from_str function in sax_buf.c when a crafted input is supplied to sax_parse.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Ruby Ox gem 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Ruby Ox gem是一款基于Ruby的XML解析器。 Ruby Ox gem 2.8.1版本中的sax_buf.c文件的‘read_from_str’函数存在基于栈的缓冲区越边界读取漏洞。攻击者可借助特制的输入利用该漏洞造成拒绝服务（进程崩溃）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-16229

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-16229

Please Login to view more intelligence information

https://rubygems.org/gems/ox/versions/2.8.1x_refsource_MISC
https://github.com/ohler55/ox/issues/195x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2017-16229

Same Patch Batch · n/a · 2018-02-26 · 26 CVEs total

CVE-2018-7491		PrestaShop 输入验证错误漏洞
CVE-2018-7484		PureVPN for Windows 权限许可和访问控制漏洞
CVE-2018-7479		YzmCMS 安全漏洞
CVE-2017-18200		Linux kernel 安全漏洞
CVE-2017-9426		Piwigo Facetag扩展SQL注入漏洞
CVE-2017-9425		Piwigo Facetag扩展跨站脚本漏洞
CVE-2018-7463		ASANHAMAYESH CMS files组件SQL注入漏洞
CVE-2018-7486		BLUE RIVER Mura CMS 安全漏洞
CVE-2018-7485		unixODBC 安全漏洞
CVE-2017-18201		GNU libcdio 安全漏洞
CVE-2018-7489		FasterXML jackson-databind 代码问题漏洞
CVE-2018-7487		sam2p 缓冲区错误漏洞
CVE-2018-5762		Unisys ClearPath MCP系统TCP/IP networking模块安全漏洞
CVE-2017-11632		360 Wireless IP Camera 安全漏洞
CVE-2018-7448		CMS Made Simple 安全漏洞
CVE-2017-18195		concrete5 安全漏洞
CVE-2018-7492		Linux kernel 安全漏洞
CVE-2018-7250		Microsoft Windows和Macrovision SafeDisc secdrv.sys驱动程序信息泄露漏洞
CVE-2018-7249		Microsoft Windows和Macrovision SafeDisc secdrv.sys驱动程序安全漏洞
CVE-2018-7490		uWSGI 路径遍历漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-16229

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-16229

I. Basic Information for CVE-2017-16229

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-16229

III. Intelligence Information for CVE-2017-16229

Same Patch Batch · n/a · 2018-02-26 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-16229

Leave a comment