Commit 17e1b4f

Translate CVE-2021-41816
1 parent 65f13d7 commit 17e1b4f

1 file changed

+19
-19
lines changed

@@ -1,36 +1,36 @@
11
---
22
layout: news_post
3-
title: "CVE-2021-41816: Buffer Overrun in CGI.escape_html"
3+
title: "CVE-2021-41816: CGI.escape_html에서의 버퍼 오버런"
44
author: "mame"
5-
translator:
5+
translator: "shia"
66
date: 2021-11-24 12:00:00 +0000
77
tags: security
8-
lang: en
8+
lang: ko
99
---
1010

11-
A buffer overrun vulnerability was discovered in CGI.escape_html.
12-
This vulnerability has been assigned the CVE identifier [CVE-2021-41816](https://nvd.nist.gov/vuln/detail/CVE-2021-41816).
13-
We strongly recommend upgrading Ruby.
11+
CGI.escape_html에서 버퍼 오버런 취약점이 발견되었습니다.
12+
이 취약점은 CVE 번호 [CVE-2021-41816](https://nvd.nist.gov/vuln/detail/CVE-2021-41816)으로 등록되었습니다.
13+
Ruby를 갱신하는 것을 강력히 권장합니다.
1414

15-
## Details
15+
## 세부 내용
1616

17-
A security vulnerability that causes buffer overflow when you pass a very large string (> 700 MB) to `CGI.escape_html` on a platform where `long` type takes 4 bytes, typically, Windows.
17+
이 보안 취약점은 `long` 타입으로 4바이트를 받는, Windows 등의 환경에서 `CGI.escape_html`에 700MB 이상의 매우 긴 문자열을 넘길 경우 버퍼 오버플로우를 발생시킵니다.
1818

19-
Please update the cgi gem to version 0.3.1, 0.2.1, and 0.1.1 or later. You can use `gem update cgi` to update it. If you are using bundler, please add `gem "cgi", ">= 0.3.1"` to your `Gemfile`.
20-
Alternatively, please update Ruby to 2.7.5 or 3.0.3.
19+
cgi gem의 버전을 0.3.1, 0.2.1, 0.1.1 또는 그 이상의 버전으로 갱신해 주세요. `gem update cgi` 명령으로 갱신할 수 있습니다. Bundler를 사용하고 있다면, `Gemfile``gem "cgi", ">= 0.3.1"`를 추가해 주세요.
20+
또는 Ruby를 2.7.5나 3.0.3으로 갱신해 주세요.
2121

22-
This issue has been introduced since Ruby 2.7, so the cgi version bundled with Ruby 2.6 is not vulnerable.
22+
이 문제는 Ruby 2.7에서 발생했으므로, Ruby 2.6에 내장되어있는 cgi 버전은 영향을 받지 않습니다.
2323

24-
## Affected versions
24+
## 해당 버전
2525

26-
* cgi gem 0.1.0 or prior (which are bundled versions with Ruby 2.7 series prior to Ruby 2.7.5)
27-
* cgi gem 0.2.0 or prior (which are bundled versions with Ruby 3.0 series prior to Ruby 3.0.3)
28-
* cgi gem 0.3.0 or prior
26+
* cgi gem 0.1.0 이하(Ruby 2.7.5 이하에 내장된 버전)
27+
* cgi gem 0.2.0 이하(Ruby 3.0.3 이하에 내장된 버전)
28+
* cgi gem 0.3.0 이하
2929

30-
## Credits
30+
## 도움을 준 사람
3131

32-
Thanks to [chamal](https://hackerone.com/chamal) for discovering this issue.
32+
이 문제를 발견해 준 [chamal](https://hackerone.com/chamal)에게 감사를 표합니다.
3333

34-
## History
34+
## 수정 이력
3535

36-
* Originally published at 2021-11-24 12:00:00 (UTC)
36+
* 2021-11-24 12:00:00 (UTC) 최초 공개
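
Review bot: The translated affected-version bullets (new lines 26 and 27) render "Ruby 2.7 series prior to Ruby 2.7.5" and "Ruby 3.0 series prior to Ruby 3.0.3" as `Ruby 2.7.5 이하` and `Ruby 3.0.3 이하` ("2.7.5 or below", "3.0.3 or below"), which places 2.7.5 and 3.0.3 inside the affected range even though new line 20 names them as the releases to update to, and it also drops the per-series scoping. Suggest exclusive wording that keeps the series, for example `Ruby 2.7.5 미만의 Ruby 2.7 버전대에 내장된 버전` and the matching form for 3.0.3. Separately, on new line 19 the two code spans run together as `Gemfile``gem "cgi", ">= 0.3.1"` with no particle or space between them, so the Markdown will not render as two spans; it should read along the lines of `Gemfile`에 `gem "cgi", ">= 0.3.1"`를 추가해 주세요. Minor: new line 17 gives "> 700 MB" as `700MB 이상` ("700 MB or more"); `700MB를 초과하는` would match the original bound.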
