Количество 8
Количество 8
GHSA-47cm-jxff-w8wg
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.
CVE-2017-17790
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.
CVE-2017-17790
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.
CVE-2017-17790
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely.
CVE-2017-17790
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 us ...
BDU:2019-04563
Уязвимость функции lazy_initialize интерпретатора языка программирования Ruby, позволяющая нарушителю выполнить произвольный код
ELSA-2018-0378
ELSA-2018-0378: ruby security update (IMPORTANT)
SUSE-SU-2020:1570-1
Security update for ruby2.1
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-47cm-jxff-w8wg The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely. | CVSS3: 9.8 | 8% Низкий | больше 3 лет назад |
 | CVE-2017-17790 The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely. | CVSS3: 9.8 | 8% Низкий | почти 8 лет назад |
 | CVE-2017-17790 The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely. | CVSS3: 8.1 | 8% Низкий | почти 8 лет назад |
 | CVE-2017-17790 The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely. | CVSS3: 9.8 | 8% Низкий | почти 8 лет назад |
| CVE-2017-17790 The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 us ... | CVSS3: 9.8 | 8% Низкий | почти 8 лет назад |
 | BDU:2019-04563 Уязвимость функции lazy_initialize интерпретатора языка программирования Ruby, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 8% Низкий | почти 8 лет назад |
| ELSA-2018-0378 ELSA-2018-0378: ruby security update (IMPORTANT) | больше 7 лет назад | ||
 | SUSE-SU-2020:1570-1 Security update for ruby2.1 | больше 5 лет назад |
Уязвимостей на страницу