evan/ccsv

Releases8

Frequency4 months 2 weeks

Last Release over 11 years ago

Stars64

A pure-C CSV parser for Ruby

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-15364 ↗	Oct 15, 2017Sunday, 15 October 2017, 19:29	—	4.3 MEDIUM
The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file. NOTE: This has been disputed and it is argued that this is not present in version 1.1.0.