CVE-2014-4975

Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.

Published: 2014-11-15 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2014-4975 is rated Moderate Risk (51.5/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 3.86%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2014-4975

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 3.45% 3.86% +0.41%
2 2025-12-28 2.49% 3.45% +0.96%
3 2025-12-27 2.49%

Full EPSS history (12 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2014-4975

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:N)
No availability impact.
10.0 2.9 [email protected]

Weakness enumeration for CVE-2014-4975

OS Trackers for CVE-2014-4975

vendor priority summary link
redhat low https://access.redhat.com/security/cve/CVE-2014-4975
suse low CVE-2014-4975 severity low: SUSE including 26 source package names (4.0.0:libruby2_1-2_1-2.1.9-15.1, 4.0.0:ruby2.1-2.1.9-15.1, …), 125 product×package rows across 41 product lines (Container caasp/v4/velum, Image SLES12-SP5-Azure-BYOS, … (41 product lines)): Fixed 125. https://www.suse.com/security/cve/CVE-2014-4975/
ubuntu low CVE-2014-4975 low priority: Ubuntu including 5 source packages (ruby1.8, ruby1.9, ruby1.9.1, ruby2.0, ruby2.1), 35 status rows across 7 suites (lucid, precise, trusty, upstream, utopic, vivid, wily): DNE 17, released 7, ignored 5, needs-triage 5, not-affected 1. https://ubuntu.com/security/CVE-2014-4975

Affected software / configurations for CVE-2014-4975

Vendor Product Version Raw CPE
ruby-lang ruby <= 1.9.3 cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
ruby-lang ruby 2.0 cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
ruby-lang ruby 2.0.0 cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
ruby-lang ruby 2.1 cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*
ruby-lang ruby 2.1 cpe:2.3:a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:*
ruby-lang ruby 2.1.1 cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*
ruby-lang ruby 2.1.2 cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*
redhat enterprise_linux_desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_hpc_node 7.0 cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
debian debian_linux 7.0 cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debian debian_linux 8.0 cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
canonical ubuntu_linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 14.10 cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

References for CVE-2014-4975

URL Tags
http://advisories.mageia.org/MGASA-2014-0472.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1912.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1913.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1914.html Third Party Advisory
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778 Vendor Advisory
http://www.debian.org/security/2015/dsa-3157 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:129 Broken Link
http://www.openwall.com/lists/oss-security/2014/07/09/13 Mailing List
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html Third Party Advisory
http://www.securityfocus.com/bid/68474 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2397-1 Third Party Advisory
https://bugs.ruby-lang.org/issues/10019 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1118158 Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/94706
cvelogic Threat Intelligence