Описание
active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:activesupport_project:activesupport:5.2.0:*:*:*:*:ruby:*:*
EPSS
Процентиль: 90%
0.05117
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-77
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 7 лет назад
active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS3: 9.6
fstec
больше 7 лет назад
Уязвимость пакета active-support gem для языка программирования Ruby, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 90%
0.05117
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-77
NVD-CWE-noinfo