Количество 12
Количество 12
GHSA-76wm-422q-92mq
Code injection in RubyGems
CVE-2019-8324
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
CVE-2019-8324
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
CVE-2019-8324
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
CVE-2019-8324
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A cra ...
RLSA-2019:1972
Important: ruby:2.5 security update
ELSA-2019-1972
ELSA-2019-1972: ruby:2.5 security update (IMPORTANT)
BDU:2020-00760
Уязвимость функции sure_loadable_spec системы управления пакетами RubyGems, связанная с ошибками обработки многострочных имен, позволяющая нарушителю выполнить произвольный код
ELSA-2019-1235
ELSA-2019-1235: ruby security update (IMPORTANT)
openSUSE-SU-2019:1771-1
Security update for ruby-bundled-gems-rpmhelper, ruby2.5
SUSE-SU-2019:1804-1
Security update for ruby-bundled-gems-rpmhelper, ruby2.5
SUSE-SU-2020:1570-1
Security update for ruby2.1
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-76wm-422q-92mq Code injection in RubyGems | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
 | CVE-2019-8324 An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
 | CVE-2019-8324 An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. | CVSS3: 7.2 | 1% Низкий | почти 7 лет назад |
 | CVE-2019-8324 An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
| CVE-2019-8324 An issue was discovered in RubyGems 2.6 and later through 3.0.2. A cra ... | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
 | RLSA-2019:1972 Important: ruby:2.5 security update | 1% Низкий | больше 6 лет назад | |
| ELSA-2019-1972 ELSA-2019-1972: ruby:2.5 security update (IMPORTANT) | больше 6 лет назад | ||
 | BDU:2020-00760 Уязвимость функции sure_loadable_spec системы управления пакетами RubyGems, связанная с ошибками обработки многострочных имен, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
| ELSA-2019-1235 ELSA-2019-1235: ruby security update (IMPORTANT) | больше 6 лет назад | ||
 | openSUSE-SU-2019:1771-1 Security update for ruby-bundled-gems-rpmhelper, ruby2.5 | больше 6 лет назад | ||
| SUSE-SU-2019:1804-1 Security update for ruby-bundled-gems-rpmhelper, ruby2.5 | больше 6 лет назад | ||
| SUSE-SU-2020:1570-1 Security update for ruby2.1 | больше 5 лет назад |
Уязвимостей на страницу