Lucene search
Alpine Linux Development TeamALPINE:CVE-2018-8778HistoryApr 03, 2018 - 10:29 p.m.
CVE-2018-8778
2018-04-0322:29:00
Alpine Linux Development Team
security.alpinelinux.org
16
0.005 Low
EPSS
Percentile
75.0%
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.10-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.11-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | ruby | < 2.5.1-r0 | UNKNOWN |
Related
veracode
veracode
Information Disclosure
2019-05-16 03:22:57
prion
prion
Format string
2018-04-03 22:29:00
hackerone
hackerone
Ruby: controlled buffer under-read in pack_unpack_internal()
2017-12-15 12:21:22
cve
cve
CVE-2018-8778
2018-04-03 22:29:00
ubuntucve
ubuntucve
CVE-2018-8778
2018-04-03 00:00:00
osv
osv
CVE-2018-8778
2018-04-03 22:29:00
ruby1.8 - security update
2018-04-23 00:00:00
ruby1.9.1 - security update
2018-04-23 00:00:00
debiancve
debiancve
CVE-2018-8778
2018-04-03 22:29:00
nessus
nessus
RHEL 7 : ruby (RHSA-2020:2212)
2020-05-20 00:00:00
RHEL 7 : ruby (RHSA-2020:1963)
2020-04-29 00:00:00
RHEL 7 : ruby (RHSA-2020:2288)
2020-11-18 00:00:00
redhat
redhat
(RHSA-2020:2212) Moderate: ruby security update
2020-05-19 13:16:01
(RHSA-2020:2288) Moderate: ruby security update
2020-05-26 08:52:58
(RHSA-2020:1963) Moderate: ruby security update
2020-04-29 09:03:52
redhatcve
redhatcve
CVE-2018-8778
2018-03-29 09:19:43
openvas
openvas
Ubuntu: Security Advisory (USN-3626-1)
2018-10-26 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1206)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1275)
2020-01-23 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2018-04-16 00:00:00
debian
debian
[SECURITY] [DLA 1359-1] ruby1.8 security update
2018-04-23 09:52:22
[SECURITY] [DLA 1358-1] ruby1.9.1 security update
2018-04-23 09:51:34
[SECURITY] [DSA 4259-1] ruby2.3 security update
2018-07-31 21:40:52
fedora
fedora
[SECURITY] Fedora 27 Update: ruby-2.4.4-89.fc27
2018-06-06 12:59:35
[SECURITY] Fedora 28 Update: ruby-2.5.1-92.fc28
2018-04-15 02:45:12
[SECURITY] Fedora 26 Update: ruby-2.4.4-88.fc26
2018-05-29 11:09:55
slackware
slackware
[slackware-security] ruby
2018-03-29 22:43:54
freebsd
freebsd
ruby -- multiple vulnerabilities
2018-03-28 00:00:00
f5
f5
K80173446 : Multiple Ruby vulnerabilities
2018-05-08 00:00:00
mageia
mageia
Updated ruby packages fix security vulnerability
2018-10-26 21:47:14
centos
centos
ruby, rubygem, rubygems security update
2019-08-30 04:17:17
amazon
amazon
Medium: ruby20, ruby22, ruby23, ruby24
2018-04-04 23:18:00
Medium: ruby
2019-08-23 03:41:00
oraclelinux
oraclelinux
ruby security update
2019-08-13 00:00:00
suse
suse
Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)
2019-07-21 00:00:00
apple
apple
About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
2018-07-09 00:00:00