[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

[3.6] Ruby 2.2.9, 2.3.6, 2.4.3, 2.5.0 Multiple Vulnerabilities

ID: oval:org.secpod.oval:def:1800960Date: (C)2018-04-05   (M)2024-01-29
Class: PATCHFamily: unix




Ruby has multiple vulnerabilities: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir Multiple vulnerabilities in RubyGems Fixed in ruby 2.5.1, 2.4.4, 2.3.7, 2.2.10

Platform:
Alpine Linux 3.6
Product:
ruby
Reference:
8748
CVE-2017-17742
CVE-2018-6914
CVE-2018-8777
CVE-2018-8778
CVE-2018-8779
CVE-2018-8780
CVE    6
CVE-2017-17742
CVE-2018-8780
CVE-2018-6914
CVE-2018-8777
...
CPE    2
cpe:/o:alpinelinux:alpine_linux:3.6
cpe:/a:ruby-lang:ruby

© SecPod Technologies