VYPR
Critical severity9.8NVD Advisory· Published Jan 6, 2017· Updated Jun 17, 2026

CVE-2016-2339

CVE-2016-2339

Description

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

35

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.