[3.5] Ruby 2.2.9, 2.3.6, 2.4.3, 2.5.0 Multiple VulnerabilitiesID: oval:org.secpod.oval:def:1800958 | Date: (C)2018-04-04 (M)2024-01-29 |
Class: PATCH | Family: unix |
Ruby has multiple vulnerabilities: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir Multiple vulnerabilities in RubyGems Fixed in ruby 2.5.1, 2.4.4, 2.3.7, 2.2.10
Platform: |
Alpine Linux 3.5 |