exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2017-0903

около 8 лет назад

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

CVSS3: 9.8

EPSS: Низкий

CVE-2017-0903

около 8 лет назад

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

CVSS3: 5.6

EPSS: Низкий

CVE-2017-0903

около 8 лет назад

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

CVSS3: 9.8

EPSS: Низкий

CVE-2017-0903

около 8 лет назад

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possibl ...

CVSS3: 9.8

EPSS: Низкий

GHSA-mqwr-4qf2-2hcv

больше 3 лет назад

RubyGems vulnerable to Deserialization of Untrusted Data

CVSS3: 9.8

EPSS: Низкий

ELSA-2018-0378

больше 7 лет назад

ELSA-2018-0378: ruby security update (IMPORTANT)

EPSS: Низкий

SUSE-SU-2020:1570-1

больше 5 лет назад

Security update for ruby2.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-0903 RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.	CVSS3: 9.8	5% Низкий	около 8 лет назад
CVE-2017-0903 RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.	CVSS3: 5.6	5% Низкий	около 8 лет назад
CVE-2017-0903 RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.	CVSS3: 9.8	5% Низкий	около 8 лет назад
CVE-2017-0903 RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possibl ...	CVSS3: 9.8	5% Низкий	около 8 лет назад
GHSA-mqwr-4qf2-2hcv RubyGems vulnerable to Deserialization of Untrusted Data	CVSS3: 9.8	5% Низкий	больше 3 лет назад
ELSA-2018-0378 ELSA-2018-0378: ruby security update (IMPORTANT)			больше 7 лет назад
SUSE-SU-2020:1570-1 Security update for ruby2.1			больше 5 лет назад

Уязвимостей на страницу